Chrome und I-Explorer öffnen dauernd neue Tabs mit Werbung

Robin78 · 15.04.2017, 20:10

Hallo zusammen,

ich habe Winsows 10 Pro als Betriebssystem.
Wenn ich im Chrome oder dem IExplorer URLs öffne oder über die Adresszeile die GoogleSuche betätige öffnen sich andauernd neue Tabs mit Werbung.
Ich habe schon einiges probiert, bekomme es aber nicht in den Griff.
Könnt Ihr mir bitte helfen??

Gruß,
Robin

M-K-D-B · 16.04.2017, 12:26

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

Robin78 · 17.04.2017, 19:22

FRST.txt

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2017 01
Ran by robin (administrator) on DESKTOP-1H69R6C (17-04-2017 20:14:16)
Running from C:\Users\robin\Downloads
Loaded Profiles: robin (Available Profiles: defaultuser0 & robin)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Sphinx Software) C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Portrait Displays, Inc.) C:\Program Files\Portrait Displays\Dell PremierColor\PremierColorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\IntelCpHDCPSvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Dell) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Portrait Displays, Inc.) C:\Program Files\Portrait Displays\Dell PremierColor\PremierColor.exe
() C:\Program Files\Portrait Displays\Dell PremierColor\CTHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igfxext.exe
(Realtek Semiconductor) C:\Windows\System32\RtkUGui64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_WAVES_SKYLAKE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2017-01-10] (Realtek Semiconductor)
HKLM\...\Run: [PremierColor] => C:\Program Files\Portrait Displays\Dell PremierColor\PremierColor.exe [5169488 2016-10-21] (Portrait Displays, Inc.)
HKLM\...\Run: [Windows10FirewallControl] => C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe [1682304 2016-12-02] (Sphinx Software)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTKUGUI] => C:\Windows\system32\RtkUGui64.exe [8611584 2016-05-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2017-01-17] (Intel Corporation)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [945112 2016-12-27] (Waves Audio Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1046488 2017-02-10] (DivX, LLC)
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\Run: [Kaspersky Software Updater] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe [1565000 2016-11-26] (AO Kaspersky Lab)
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\MountPoints2: {24221694-feb4-11e6-bc26-9cb6d0dadc9c} - "D:\setup.exe" 
HKU\S-1-5-18\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{f772f74b-9219-46db-a5fc-b98a542637c3}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-01] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-01] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)

Edge: 
======
Edge Extension: (Save to Pocket) -> EdgeExtension_PocketSavetoPocket_v63j13wrfzj3t => C:\Program Files\WindowsApps\Pocket.SavetoPocket_2.0.38.0_neutral__v63j13wrfzj3t [2017-04-06]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-01] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2017-02-09] (DivX, LLC)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-17] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-17] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-17] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-17] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-04-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-04-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-07] (Google Inc.)

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}&atb=v55-3__
CHR DefaultSearchKeyword: Default -> duckduckgo.de
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Profile: C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default [2017-04-17]
CHR Extension: (Google Präsentationen) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-10]
CHR Extension: (Google Docs) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-10]
CHR Extension: (Google Drive) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-10]
CHR Extension: (DuckDuckGo Search) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2017-03-24]
CHR Extension: (YouTube) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-10]
CHR Extension: (Adblock Plus) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-04-06]
CHR Extension: (Google Tabellen) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-10]
CHR Extension: (Google Docs Offline) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-12]
CHR Extension: (Page Ruler) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn [2017-03-10]
CHR Extension: (Save to Pocket) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-03-17]
CHR Extension: (Mute Button) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkmpomgcifgjgecjkglgdbbhlbjceehj [2017-03-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Google Mail) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-10]
CHR Extension: (Chrome Media Router) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-10]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-09-07] (Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3737792 2017-03-26] (Microsoft Corporation)
R3 cphs; C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\IntelCpHeciSvc.exe [285184 2017-01-06] (Intel Corporation)
R2 cplspcon; C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\IntelCpHDCPSvc.exe [462848 2017-01-06] (Intel Corporation)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [94136 2016-06-02] (Dell Inc.)
S4 dcu-oobe; C:\Program Files (x86)\Dell\CommandUpdate\OobeService.exe [84408 2017-01-12] (Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [121376 2016-11-28] (Dell)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-10-13] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-10-13] (Dell Inc.)
R2 DellPremierColorService; C:\Program Files\Portrait Displays\Dell PremierColor\PremierColorService.exe [196944 2016-10-21] (Portrait Displays, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283304 2017-03-25] ()
R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2208888 2016-09-02] (Intel Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-02-24] (Foxit Software Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-01-17] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igfxCUIService.exe [324608 2017-01-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-09-15] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457432 2016-09-22] (Rivet Networks)
R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
R3 ksu; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe [1565000 2016-11-26] (AO Kaspersky Lab)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-04-01] (NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-01-10] (Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2017-03-16] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2017-02-24] (Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-10-25] (Dell Inc.)
S3 ThunderboltService; c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2018024 2016-11-17] (Intel Corporation)
R2 WavesSysSvc; c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [412632 2016-12-27] (Waves Audio Ltd.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
R2 Windows10FirewallService; C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe [4065736 2016-12-02] (Sphinx Software)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{9AFCFC5C-82EA-42CC-B821-B83087347DBA}

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [145736 2016-09-19] (Rivet Networks, LLC.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [32352 2016-10-13] (Dell Inc.)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [32952 2016-10-13] (Dell Computer Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [71232 2016-08-13] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [66624 2016-08-13] (Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-03-02] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-03-02] (Disc Soft Ltd)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [350272 2016-08-13] (Intel Corporation)
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [54800 2016-08-16] (Intel Corporation)
S3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-08-30] (Intel Corporation)
R3 iaLPSS2_I2C; C:\Windows\System32\drivers\iaLPSS2_I2C.sys [184632 2016-08-30] (Intel Corporation)
S3 iaLPSS2_SPI; C:\Windows\System32\drivers\iaLPSS2_SPI.sys [151352 2016-08-30] (Intel Corporation)
S3 iaLPSS2_UART2; C:\Windows\System32\drivers\iaLPSS2_UART2.sys [282424 2016-08-30] (Intel Corporation)
R3 igfx; C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igdkmd64.sys [11058136 2017-01-06] (Intel Corporation)
R3 IntcAudioBus; C:\Windows\System32\drivers\IntcAudioBus.sys [225888 2016-11-08] (Intel(R) Corporation)
R3 IntcOED; C:\Windows\System32\drivers\IntcOED.sys [728672 2016-11-08] (Intel(R) Corporation)
S3 mosuport; C:\Windows\System32\drivers\mosuport.sys [371352 2016-08-04] (ASIX Electronics Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 nhi; C:\Windows\system32\DRIVERS\tbt81x.sys [129608 2016-11-20] (Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_323791d5eb27505c\nvlddmkm.sys [14841784 2017-04-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2017-02-23] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation)
R3 Qcamain10x64; C:\Windows\system32\DRIVERS\Qcamain10x64.sys [2403248 2016-09-22] (Qualcomm Atheros, Inc.)
S3 RtkUsbAD; C:\Windows\system32\drivers\RtUsbA64.sys [118016 2016-05-24] (Realtek Semiconductor Corp.)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [779232 2016-08-05] (Realsil Semiconductor Corporation)
S3 rtux64w10; C:\Windows\System32\drivers\rtux64w10.sys [366640 2016-10-26] (Realtek                                                                )
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-01-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [205440 2017-01-16] (Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-17 20:14 - 2017-04-17 20:14 - 00026753 _____ C:\Users\robin\Downloads\FRST.txt
2017-04-17 20:14 - 2017-04-17 20:14 - 00000000 ____D C:\FRST
2017-04-17 20:13 - 2017-04-17 20:14 - 02424832 _____ (Farbar) C:\Users\robin\Downloads\FRST64.exe
2017-04-17 19:25 - 2017-04-17 19:25 - 00000000 ___HD C:\OneDriveTemp
2017-04-15 20:54 - 2017-04-15 20:54 - 00001081 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-04-15 20:54 - 2017-04-15 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-04-15 20:54 - 2017-04-15 20:54 - 00000000 ____D C:\Program Files\VS Revo Group
2017-04-15 20:32 - 2017-04-15 20:32 - 00001312 _____ C:\Users\Public\Desktop\Kaspersky Software Updater.lnk
2017-04-15 20:32 - 2017-04-15 20:32 - 00001130 _____ C:\Users\Public\Desktop\Kaspersky Security Scan.lnk
2017-04-15 20:32 - 2017-04-15 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater
2017-04-15 20:32 - 2017-04-15 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2017-04-15 20:32 - 2017-04-15 20:32 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-04-15 20:32 - 2017-04-15 20:32 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2017-04-15 20:31 - 2017-04-15 20:31 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-04-15 20:29 - 2017-04-15 20:29 - 00830540 _____ C:\Windows\Minidump\041517-7640-01.dmp
2017-04-15 20:24 - 2017-04-15 20:24 - 00000546 _____ C:\Users\robin\Desktop\JRT.txt
2017-04-15 19:56 - 2017-04-15 19:56 - 00000000 ____D C:\Users\robin\AppData\LocalLow\Sun
2017-04-15 19:54 - 2017-04-01 20:52 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-15 19:54 - 2017-04-01 20:52 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-11 21:47 - 2017-04-15 20:11 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-04-11 21:47 - 2017-04-11 21:47 - 00001177 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2017-04-11 21:47 - 2017-04-11 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2017-04-11 21:47 - 2017-04-11 21:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-11 21:47 - 2017-04-11 21:47 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2017-04-11 21:47 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-04-11 21:47 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-04-11 21:47 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-04-11 21:40 - 2017-04-15 20:46 - 00000000 ____D C:\AdwCleaner
2017-04-11 21:09 - 2017-04-11 21:09 - 00001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2017-04-11 21:09 - 2017-04-11 21:09 - 00000000 ____D C:\Program Files\Waves
2017-04-11 21:08 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-04-11 21:08 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-04-11 21:08 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2017-04-11 21:08 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-04-11 21:08 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-04-11 21:08 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-04-11 21:08 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2017-04-11 21:08 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2017-04-11 21:08 - 2017-03-28 08:22 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-04-11 21:08 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2017-04-11 21:08 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-04-11 21:08 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-04-11 21:08 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-04-11 21:08 - 2017-03-28 08:15 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-04-11 21:08 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2017-04-11 21:08 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-04-11 21:08 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-04-11 21:08 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-04-11 21:08 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-04-11 21:08 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2017-04-11 21:08 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-04-11 21:08 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-04-11 21:08 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2017-04-11 21:08 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2017-04-11 21:08 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-11 21:08 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-11 21:08 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-04-11 21:08 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-04-11 21:08 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-04-11 21:08 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2017-04-11 21:08 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-04-11 21:08 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-11 21:08 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-04-11 21:08 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-04-11 21:08 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 00387872 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-04-11 21:08 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-04-11 21:08 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-04-11 21:08 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
2017-04-11 21:08 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-04-11 21:08 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-04-11 21:08 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2017-04-11 21:08 - 2017-03-28 07:41 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2017-04-11 21:08 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-04-11 21:08 - 2017-03-28 07:41 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2017-04-11 21:08 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-04-11 21:08 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-04-11 21:08 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XblAuthManagerProxy.dll
2017-04-11 21:08 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-04-11 21:08 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll
2017-04-11 21:08 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2017-04-11 21:08 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2017-04-11 21:08 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-04-11 21:08 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-04-11 21:08 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apds.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.HostName.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.SystemManagement.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-04-11 21:08 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsecsnp.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\RdpRelayTransport.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinRtTracing.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicDisplay.sys
2017-04-11 21:08 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2017-04-11 21:08 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-04-11 21:08 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-04-11 21:08 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-04-11 21:08 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-11 21:08 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2017-04-11 21:08 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2017-04-11 21:08 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2017-04-11 21:08 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2017-04-11 21:08 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-11 21:08 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00265728 _____ C:\Windows\SysWOW64\Windows.Perception.Stub.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\WinRtTracing.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-04-11 21:08 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00418304 _____ C:\Windows\system32\Windows.Perception.Stub.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-04-11 21:08 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Ocr.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-04-11 21:08 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\AccountsRt.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.InkControls.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-04-11 21:08 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-04-11 21:08 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-04-11 21:08 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2017-04-11 21:08 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2017-04-11 21:08 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2017-04-11 21:08 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-04-11 21:08 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2017-04-11 21:08 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-04-11 21:08 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-04-11 21:08 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2017-04-11 21:08 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-11 21:08 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2017-04-11 21:08 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2017-04-11 21:08 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll
2017-04-11 21:08 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-11 21:08 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll
2017-04-11 21:08 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-04-11 21:08 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2017-04-11 21:08 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll
2017-04-11 21:08 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll
2017-04-11 21:08 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-04-11 21:08 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-04-11 21:08 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-04-11 21:08 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2017-04-11 21:08 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2017-04-11 21:08 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-04-11 21:08 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-04-11 21:08 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2017-04-11 21:08 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll
2017-04-11 21:08 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-04-11 21:08 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2017-04-11 21:08 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-04-11 21:08 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-04-11 21:08 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll
2017-04-11 21:08 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2017-04-11 21:08 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2017-04-11 21:08 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2017-04-11 21:08 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2017-04-11 21:08 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Ocr.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-04-11 21:08 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2017-04-11 21:08 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-04-11 21:08 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-04-11 21:08 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Perception.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-04-11 21:08 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-11 21:08 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-04-11 21:08 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-04-11 21:08 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll
2017-04-11 21:08 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-04-11 21:08 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-04-11 21:08 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-11 21:08 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2017-04-11 21:08 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RADCUI.dll
2017-04-11 21:08 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-04-11 21:08 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-11 21:08 - 2017-03-28 07:04 - 00119808 ____R (Microsoft Corporation) C:\Windows\system32\SecureAssessmentHandlers.dll
2017-04-11 21:08 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-04-11 21:08 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll
2017-04-11 21:08 - 2017-01-10 10:41 - 03203584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2017-04-11 21:08 - 2017-01-10 10:41 - 03014144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2017-04-11 21:08 - 2017-01-10 10:41 - 00343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 23547544 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRenderAVX64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 17398616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioCapture64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 09072629 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2017-04-11 21:08 - 2017-01-10 10:40 - 03503040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 02201600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 01353824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 00689880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 00240128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 00200704 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll
2017-04-11 21:07 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-04-11 21:07 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-04-11 21:07 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-04-11 21:07 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-04-11 21:07 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-04-11 21:07 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-11 21:07 - 2017-03-28 08:26 - 00754528 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-04-11 21:07 - 2017-03-28 08:26 - 00573280 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-04-11 21:07 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-04-11 21:07 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll
2017-04-11 21:07 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-04-11 21:07 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-04-11 21:07 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-04-11 21:07 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-04-11 21:07 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2017-04-11 21:07 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-04-11 21:07 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-04-11 21:07 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-04-11 21:07 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-04-11 21:07 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll
2017-04-11 21:07 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-04-11 21:07 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-04-11 21:07 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2017-04-11 21:07 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-04-11 21:07 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-04-11 21:07 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-04-11 21:07 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManagerProxy.dll
2017-04-11 21:07 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\DdcWnsListener.dll
2017-04-11 21:07 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-04-11 21:07 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-11 21:07 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-04-11 21:07 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2017-04-11 21:07 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\Family.Client.dll
2017-04-11 21:07 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.SystemManagement.dll
2017-04-11 21:07 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Printers.dll
2017-04-11 21:07 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Family.SyncEngine.dll
2017-04-11 21:07 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2017-04-11 21:07 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-11 21:07 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthTokenBrokerExt.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDirectoryClient.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.UserDeviceAssociation.dll
2017-04-11 21:07 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll
2017-04-11 21:07 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-04-11 21:07 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-04-11 21:07 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SerialCommunication.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\dafpos.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-04-11 21:07 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-04-11 21:07 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-04-11 21:07 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-04-11 21:07 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2017-04-11 21:07 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-04-11 21:07 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2017-04-11 21:07 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2017-04-11 21:07 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-04-11 21:07 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2017-04-11 21:07 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2017-04-11 21:07 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-04-11 21:07 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2017-04-11 21:07 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2017-04-11 21:07 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-04-11 21:07 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-04-11 21:07 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2017-04-11 21:07 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-04-11 21:07 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-04-11 21:07 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\CastLaunch.dll
2017-04-11 21:07 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-11 21:07 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-04-11 21:07 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2017-04-11 21:07 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\flvprophandler.dll
2017-04-11 21:07 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2017-04-11 21:07 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-04-11 21:07 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2017-04-11 21:07 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2017-04-11 21:07 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2017-04-11 21:07 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-11 21:07 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-04-11 21:07 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2017-04-11 21:07 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2017-04-11 21:07 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2017-04-11 21:07 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-04-11 21:07 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2017-04-11 21:07 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-11 21:07 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-11 21:07 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-11 21:07 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-04-11 21:07 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2017-04-11 21:07 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2017-04-11 21:07 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2017-04-11 21:07 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-04-11 21:07 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2017-04-11 21:07 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-04-11 21:07 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-04-11 21:07 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2017-04-11 21:07 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-04-11 21:07 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-11 21:07 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2017-04-11 21:07 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-04-11 21:07 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-04-11 21:07 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2017-04-11 21:07 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2017-04-11 21:07 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2017-04-11 21:07 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-04-11 21:07 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2017-04-11 21:07 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2017-04-11 21:07 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-04-11 21:07 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2017-04-11 21:07 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll
2017-04-11 21:07 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-04-11 21:07 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-11 21:07 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-04-11 21:07 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-04-11 21:07 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll
2017-04-11 20:54 - 2017-04-11 20:54 - 00000000 ____D C:\Windows\{D82A5F87-1615-44EA-A80A-8629F6F49D54}
2017-04-11 20:44 - 2017-04-15 20:04 - 00001098 _____ C:\Users\Public\Desktop\Dell PremierColor.lnk
2017-04-11 20:44 - 2017-04-11 20:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-04-11 20:39 - 2017-04-11 20:39 - 00000000 _____ C:\Windows\invcol.tmp
2017-04-08 11:35 - 2017-04-11 21:11 - 00020848 _____ C:\Users\robin\Desktop\Übersicht Steuern_neu.xlsx
2017-04-07 22:56 - 2017-04-07 22:56 - 00002212 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2017-04-07 22:56 - 2017-04-01 05:27 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-04-07 22:55 - 2017-04-01 03:36 - 00136248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-04-07 22:53 - 2017-04-01 05:27 - 40201152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 35354048 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 35280320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 28592184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 11111392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 11056272 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 10635192 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 09316648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 09014792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 08876272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 03790904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 03246016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 01988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438165.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 01591352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438165.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 01278528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 01276128 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 01055800 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00995920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00993872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00990144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00960448 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00911296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00776048 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00612088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00577544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-04-07 22:53 - 2017-04-01 05:27 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-04-07 14:21 - 2017-03-02 19:49 - 02798048 _____ (NETGEAR, Inc) C:\Program Files\RAIDar.exe
2017-04-05 21:52 - 2017-04-05 21:52 - 01988508 _____ C:\Windows\Minidump\040517-10515-01.dmp
2017-04-04 19:07 - 2017-04-04 19:07 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-04-04 17:36 - 2017-04-04 17:37 - 00000000 ____D C:\ProgramData\elsterformular
2017-04-04 17:36 - 2017-04-04 17:36 - 00001308 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2017-04-04 17:36 - 2017-04-04 17:36 - 00000000 ____D C:\Users\robin\AppData\Roaming\elsterformular
2017-04-04 17:36 - 2017-04-04 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-04-04 17:36 - 2017-04-04 17:36 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service
2017-04-04 17:36 - 2017-04-04 17:36 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2017-03-28 19:34 - 2017-03-28 19:34 - 00000000 ____D C:\Users\robin\AppData\Roaming\Foxit AgentInformation
2017-03-28 19:34 - 2017-03-28 19:34 - 00000000 ____D C:\Users\Public\Foxit Software
2017-03-28 19:34 - 2017-03-28 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-03-28 19:34 - 2017-03-28 19:34 - 00000000 ____D C:\ProgramData\Foxit Software
2017-03-28 19:34 - 2017-03-28 19:34 - 00000000 ____D C:\ProgramData\Foxit ContentPlatform
2017-03-28 19:33 - 2017-04-04 20:10 - 00000000 ____D C:\Users\robin\AppData\Roaming\Foxit Software
2017-03-28 19:33 - 2017-03-28 19:33 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2017-03-25 18:04 - 2017-03-25 18:04 - 00859348 _____ C:\Windows\Minidump\032517-10093-01.dmp
2017-03-24 20:14 - 2017-03-24 20:14 - 00156196 _____ C:\Windows\system32\tbt_log.txt
2017-03-22 19:26 - 2017-03-22 19:26 - 00003561 _____ C:\Users\robin\AppData\LocalLow\lpm.dat
2017-03-22 19:26 - 2017-03-22 19:26 - 00000000 ____D C:\Users\robin\AppData\Local\DivX
2017-03-21 20:06 - 2017-03-17 03:01 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437892.dll
2017-03-21 20:06 - 2017-03-17 03:01 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437892.dll
2017-03-18 17:29 - 2017-04-17 19:28 - 00004600 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-03-18 17:29 - 2017-04-17 19:28 - 00004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-18 17:28 - 2017-03-18 17:32 - 00000000 ____D C:\Users\robin\AppData\Local\Adobe
2017-03-18 17:13 - 2017-03-18 17:13 - 00003708 _____ C:\Windows\System32\Tasks\DivXUpdate
2017-03-18 17:12 - 2017-03-18 17:13 - 00000000 ____D C:\Users\robin\AppData\Roaming\DivX
2017-03-18 17:12 - 2017-03-18 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2017-03-18 17:11 - 2017-03-18 17:13 - 00000000 ____D C:\Program Files (x86)\DivX
2017-03-18 17:11 - 2017-03-18 17:11 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-18 17:09 - 2017-03-18 17:13 - 00000000 ____D C:\ProgramData\DivX

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-17 19:28 - 2017-02-24 11:47 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-17 19:28 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-04-17 19:28 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\Macromed
2017-04-17 19:26 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness
2017-04-17 19:25 - 2017-03-01 19:36 - 00000000 ___RD C:\Users\robin\OneDrive
2017-04-17 19:25 - 2017-03-01 19:34 - 00000000 __SHD C:\Users\robin\IntelGraphicsProfiles
2017-04-15 23:19 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2017-04-15 22:48 - 2017-02-24 11:31 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-04-15 20:34 - 2017-02-24 11:42 - 02614588 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-15 20:34 - 2016-08-01 22:36 - 01034224 _____ C:\Windows\system32\perfh007.dat
2017-04-15 20:34 - 2016-08-01 22:36 - 00250026 _____ C:\Windows\system32\perfc007.dat
2017-04-15 20:30 - 2017-03-01 17:47 - 00000000 ____D C:\Users\robin
2017-04-15 20:29 - 2017-03-10 19:35 - 1239498308 _____ C:\Windows\MEMORY.DMP
2017-04-15 20:29 - 2017-03-10 19:35 - 00000000 ____D C:\Windows\Minidump
2017-04-15 20:29 - 2017-02-24 11:31 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-15 20:15 - 2017-03-01 21:13 - 00000000 ____D C:\Users\robin\AppData\Local\Eclipse
2017-04-15 20:15 - 2017-03-01 21:13 - 00000000 ____D C:\Users\robin\.p2
2017-04-15 20:09 - 2016-07-16 08:04 - 00524288 _____ C:\Windows\system32\config\BBI
2017-04-15 20:04 - 2017-03-01 22:51 - 00000000 ____D C:\Users\robin\AppData\Local\CrashDumps
2017-04-15 19:59 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-15 19:58 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-04-15 19:57 - 2017-03-01 19:34 - 00000000 ____D C:\Windows\System32\Tasks\Dell
2017-04-15 19:54 - 2017-02-24 12:04 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-15 19:52 - 2017-02-24 11:31 - 00335528 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\system32\F12
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\setup
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\setup
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Provisioning
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-15 19:51 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\system32\Dism
2017-04-15 19:50 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-15 19:39 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-04-15 19:35 - 2017-03-05 18:50 - 00000000 ____D C:\Windows\system32\MRT
2017-04-15 19:33 - 2017-03-05 18:50 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-04-15 19:33 - 2017-03-02 19:43 - 00003290 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-15 19:33 - 2017-03-01 19:36 - 00002369 _____ C:\Users\robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-11 21:54 - 2016-07-16 16:10 - 00000000 ____D C:\Windows\DigitalLocker
2017-04-11 21:09 - 2017-02-24 11:43 - 00003218 _____ C:\Windows\System32\Tasks\RtHDVBg_PushButton
2017-04-11 21:09 - 2017-02-24 11:43 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2017-04-11 21:09 - 2017-02-24 11:43 - 00000000 ____D C:\Windows\system32\RTCOM
2017-04-11 21:09 - 2017-02-24 11:42 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-04-11 21:08 - 2017-02-24 11:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-04-11 21:08 - 2017-02-24 11:43 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-04-11 21:08 - 2017-02-24 11:42 - 00001536 _____ C:\Windows\SysWOW64\RtkMsgs.dll
2017-04-11 20:44 - 2017-02-24 11:42 - 00000000 ____D C:\Program Files\Intel
2017-04-11 20:40 - 2017-03-02 19:57 - 00532136 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-04-07 22:56 - 2017-02-24 11:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-07 22:56 - 2017-02-24 11:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-04-07 22:56 - 2017-02-24 11:46 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-07 22:55 - 2017-02-24 11:44 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-04-07 15:23 - 2017-03-15 22:17 - 00020502 _____ C:\Users\robin\Desktop\Übersicht Steuern.xlsx
2017-04-07 13:51 - 2017-03-10 20:50 - 00003628 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-07 13:51 - 2017-03-10 20:50 - 00003504 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-06 20:36 - 2017-03-10 20:51 - 00002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-06 20:36 - 2017-03-10 20:51 - 00002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-05 20:58 - 2017-03-02 21:34 - 00000000 ____D C:\Users\robin\.VirtualBox
2017-04-05 19:36 - 2017-03-03 21:01 - 00000000 ____D C:\Program Files\Microsoft Office
2017-04-04 19:08 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-04 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-01 05:27 - 2017-02-24 11:46 - 04085712 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-04-01 05:27 - 2017-02-24 11:46 - 03602296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-04-01 05:27 - 2017-02-24 11:46 - 00045061 _____ C:\Windows\system32\nvinfo.pb
2017-04-01 04:10 - 2017-02-24 11:47 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 02481208 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 00549944 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-04-01 04:09 - 2017-03-02 22:14 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-04-01 02:41 - 2017-03-02 22:13 - 00076840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-03-31 12:15 - 2017-02-24 11:47 - 07851747 _____ C:\Windows\system32\nvcoproc.bin
2017-03-29 20:39 - 2017-03-01 19:34 - 00000000 ____D C:\Users\robin\AppData\Local\Packages
2017-03-28 08:20 - 2017-02-24 11:42 - 02717184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-03-26 20:21 - 2017-03-01 22:11 - 00000000 ____D C:\Users\robin\.webclipse
2017-03-24 20:14 - 2017-02-24 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt(TM) Software
2017-03-24 20:14 - 2017-02-24 11:43 - 00000000 ____D C:\Intel
2017-03-21 21:10 - 2017-03-16 19:17 - 00000000 ___RD C:\Users\robin\OneDrive\Documents\Scanned Documents
2017-03-19 14:09 - 2017-03-01 22:21 - 00000000 ____D C:\Users\robin\AppData\Roaming\npm-cache
2017-03-18 17:12 - 2017-02-24 11:42 - 00000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories =======

2017-04-07 14:21 - 2017-03-02 19:49 - 2798048 _____ (NETGEAR, Inc) C:\Program Files\RAIDar.exe

Some files in TEMP:
====================
2017-03-02 21:51 - 2017-04-17 20:10 - 0035680 _____ () C:\Users\robin\AppData\Local\Temp\i4jdel0.exe
2016-10-21 03:09 - 2016-10-21 03:09 - 0148816 _____ (Portrait Displays, Inc) C:\Users\robin\AppData\Local\Temp\nslABE1.tmp.exe
2016-10-21 03:09 - 2016-10-21 03:09 - 0148816 _____ (Portrait Displays, Inc) C:\Users\robin\AppData\Local\Temp\nsoC052.tmp.exe
2016-10-21 03:09 - 2016-10-21 03:09 - 0148816 _____ (Portrait Displays, Inc) C:\Users\robin\AppData\Local\Temp\nss93EA.tmp.exe
2016-10-21 03:09 - 2016-10-21 03:09 - 0148816 _____ (Portrait Displays, Inc) C:\Users\robin\AppData\Local\Temp\nsx30B3.tmp.exe
2017-03-21 20:06 - 2017-03-17 00:56 - 0352704 _____ (NVIDIA Corporation) C:\Users\robin\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-05 20:36

==================== End of FRST.txt ============================

--- --- ---

Robin78 · 17.04.2017, 19:22

Addition.txt

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2017 01
Ran by robin (17-04-2017 20:14:57)
Running from C:\Users\robin\Downloads
Windows 10 Pro Version 1607 (X64) (2017-03-01 15:45:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1450654099-1454004737-3937552921-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1450654099-1454004737-3937552921-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1450654099-1454004737-3937552921-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1450654099-1454004737-3937552921-501 - Limited - Disabled)
robin (S-1-5-21-1450654099-1454004737-3937552921-1001 - Administrator - Enabled) => C:\Users\robin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Ansel (Version: 381.65 - NVIDIA Corporation) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.41.3 - Asmedia Technology)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.1.1 - Dell Inc.)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.3.0 - Dell Inc.)
Dell Data Vault (Version: 4.4.0.0 - Dell Inc.) Hidden
Dell PremierColor (HKLM\...\{5CA2B02F-FC89-4F42-A3DA-7649B8EFF194}) (Version: 3.01.002 - Portrait Displays, Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell)
Dell SupportAssist Remediation (HKLM-x32\...\{cc46e7bd-06f4-45e0-8b67-3ccaca1e4755}) (Version: 2.0.2.1835 - Dell Inc.)
Dell SupportAssist Remediation (Version: 2.0.2.1835 - Dell Inc.) Hidden
Dell SupportAssistAgent (HKLM-x32\...\{CD2DF2B3-01E7-47FF-AF9C-725FC5FF6409}) (Version: 1.3.2.3 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{92F651D9-4431-469E-9B11-299D007AF656}) (Version: 2.0.2.1835 - Dell Inc.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 3.0.0.224 - DivX, LLC)
DSC/AA Factory Installer (Version: 1.3.6855.61 - PC-Doctor, Inc.) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.2.1.30.20170325 - Landesfinanzdirektion Thüringen)
Epic Games Launcher (HKLM-x32\...\{FC1F25AF-C8BB-404E-B15F-1B12CAB98E7F}) (Version: 1.1.96.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.2.1.6871 - Foxit Software Inc.)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
Git version 2.12.0 (HKLM\...\Git_is1) (Version: 2.12.0 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.35 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4574 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.10.1044 - Intel Corporation)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 8 Update 121 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180121}) (Version: 8.0.1210.13 - Oracle Corporation)
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 16.0.0.1344 - Kaspersky Lab) Hidden
Kaspersky Software Updater (HKLM-x32\...\InstallWIX_{DEEDA858-A9B4-4212-8873-2F2CE2706E68}) (Version: 2.0.0.623 - Kaspersky Lab)
Kaspersky Software Updater (x32 Version: 2.0.0.623 - Kaspersky Lab) Hidden
Killer Bandwidth Control Filter Driver (Version: 1.1.64.1312 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.64.1312 - Rivet Networks) Hidden
Killer Wireless Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.64.1312 - Rivet Networks)
Killer Wireless-AC Drivers (Version: 1.1.64.1312 - Rivet Networks) Hidden
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxx Audio Installer (x64) (Version: 2.7.9011.0 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Node.js (HKLM\...\{84F68739-3B44-4D36-ABDB-2151A23C9C3D}) (Version: 6.10.0 - Node.js Foundation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
NVIDIA 3D Vision Driver 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 381.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.1.14 (HKLM\...\{6AE61854-0F78-49E3-ABCC-586FB43CE709}) (Version: 5.1.14 - Oracle Corporation)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.279 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8037 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.50 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.12.1007.2016 - Realtek)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0079 - ST Microelectronics)
Synaptics Fingerprint Reader(WBF) (HKLM\...\{204CE0B6-C8CA-470F-A5B0-12A848545379}) (Version: 5.1.3214.26 - Synaptics Incorporated)
Thunderbolt(TM) Software (HKLM-x32\...\{10877131-EC3F-4F2F-97CD-2B8341D461D7}) (Version: 16.2.55.275 - Intel Corporation)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Windows10FirewallControl Free 8.1.0.16 (HKLM\...\Windows10FirewallControl_is1) (Version: 8.1.0.16 - Sphinx Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1450654099-1454004737-3937552921-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Audio Ltd)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {009DF91C-F583-40AF-A63E-0C2423877E0B} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe 
Task: {00C1F32B-A14F-4381-B905-306A509AA5CA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-03-26] (Microsoft Corporation)
Task: {16D21BDD-D978-4F0A-BC03-D2C62590CB71} - System32\Tasks\Dell\Command Update => C:\Program Files (x86)\Dell\CommandUpdate\DellCommandUpdate.exe [2017-01-12] (Dell Inc.)
Task: {17BE4ED4-59B7-4338-A3D1-E34724372948} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {27F05B65-1F3E-46C7-B285-DD5DCB0B0EAA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-17] (Adobe Systems Incorporated)
Task: {2B1890E7-FAD3-47A3-9D65-CB3AF3E743D8} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe 
Task: {47B09345-5BFD-4AD6-94DF-BDC941C93A92} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-10] (Google Inc.)
Task: {48E41CA8-B1FA-47AD-BBFF-70E579463BCA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-10] (Google Inc.)
Task: {4C24968A-B4C9-4F35-8DE5-41FCF40F5899} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {52AAEF83-F3CF-4344-9058-BACA797CF84E} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-27] (Intel(R) Corporation)
Task: {5806A7AE-BF11-4216-BED1-39F7083ED779} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => ConditionalAppStarter.exe 
Task: {5BC7D57E-D8FB-425D-844C-640096D6ED6A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {68A47FD0-5A12-4443-AA82-BB2BECA74835} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {7493BC3A-4455-4B5E-953C-4B24DD004AA0} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {8A5228F6-9872-4923-A99C-B7D616963F98} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-03-26] (Microsoft Corporation)
Task: {96F3BC87-EFB6-4597-AAC4-3DCA2705EC65} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {A300453A-AF19-4961-9164-3BB8B0F0FDCF} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-01-10] (Realtek Semiconductor)
Task: {A78CA869-0B2C-4890-BECB-D1CF8EBA0F50} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-10-25] (Dell Inc.)
Task: {C1660831-8AD8-4E58-930E-5B4EF6D07A47} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [2016-09-14] ()
Task: {C5ADED52-00FE-4389-BD04-61AC32265212} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-17] (Adobe Systems Incorporated)
Task: {CB7AE228-0E76-4C38-A125-ED59F8D34EC3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {D51B53A5-F84D-4E65-9D2C-27A53FD93300} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => ConditionalAppStarter.exe 
Task: {E7C42226-3250-4804-A8E9-772EADF75FCA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {F0747D1C-58F6-4D3A-8C56-C8BF48DADD5A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {F4BC44A0-F436-43FA-994D-5C4EFB6C2AAF} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2017-02-03] (DivX, LLC)
Task: {F9A641CD-D87B-4F98-B683-E5A6C23F2927} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe 
Task: {FECBFDE2-2FB7-400D-AB50-793232BABBC0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

WMI_ActiveScriptEventConsumer_DellCommandPowerManagerAlertEventConsumer: 

WMI_ActiveScriptEventConsumer_DellCommandPowerManagerPolicyChangeEventConsumer: 

==================== Loaded Modules (Whitelisted) ==============

2017-03-16 19:27 - 2015-03-12 04:43 - 00022528 _____ () C:\Windows\System32\us003lm.dll
2017-03-16 19:27 - 2017-03-16 19:27 - 00143664 ____N () C:\Windows\SysWOW64\SecUPDUtilSvc.exe
2017-03-02 22:14 - 2017-02-23 20:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-03-02 22:14 - 2017-02-23 20:36 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-16 19:29 - 2013-10-04 06:53 - 00734720 _____ () C:\Windows\system32\SnMinDrv.dll
2017-03-16 19:29 - 2013-06-28 16:36 - 00091136 _____ () C:\Windows\system32\SSDEVM64.DLL
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-04-11 21:08 - 2017-03-28 08:22 - 02681200 _____ () C:\Windows\System32\CoreUIComponents.dll
2017-04-11 21:08 - 2017-03-28 08:22 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2017-04-11 21:08 - 2017-03-28 08:22 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2017-02-24 11:25 - 2017-02-24 11:25 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 20:36 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 20:37 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 20:37 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 20:37 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-11 21:07 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-15 19:39 - 2017-04-15 19:40 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-15 19:39 - 2017-04-15 19:40 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-15 19:39 - 2017-04-15 19:40 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-15 19:39 - 2017-04-15 19:40 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll
2016-10-21 03:09 - 2016-10-21 03:09 - 00280400 _____ () C:\Program Files\Portrait Displays\Dell PremierColor\CTHelper.exe
2017-03-03 21:08 - 2017-03-03 21:08 - 02210480 _____ () C:\Program Files\Microsoft Office\Root\Office16\tmpod.dll
2017-03-03 21:07 - 2017-03-06 03:51 - 01397440 _____ () C:\Program Files\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll
2017-03-03 21:07 - 2017-03-08 07:00 - 00191688 _____ () C:\Program Files\Microsoft Office\Root\Office16\OUTLCTL.DLL
2017-03-03 21:21 - 2017-03-06 03:55 - 00694464 _____ () C:\Program Files\Microsoft Office\root\Office16\msfad.dll
2016-09-15 06:25 - 2016-09-15 06:25 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-11-26 23:42 - 2016-11-26 23:42 - 00332104 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\dblite.dll
2016-11-26 23:37 - 2016-11-26 23:37 - 00418512 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\ipm_service.dll
2015-12-15 13:38 - 2015-12-15 13:38 - 00326112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\dblite.dll
2015-10-27 16:44 - 2015-10-27 16:44 - 00404952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\ipm_service.dll
2017-03-02 22:14 - 2017-02-23 20:36 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-03-02 22:14 - 2017-02-23 20:36 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-03-02 22:14 - 2017-02-23 20:36 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-02 22:14 - 2017-02-23 20:35 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-06-02 18:06 - 2016-06-02 18:06 - 45077376 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libcef.dll
2016-12-21 20:21 - 2016-12-21 20:21 - 45077376 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\libcef.dll
2016-12-21 20:21 - 2016-12-21 20:21 - 01650560 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\libglesv2.dll
2016-12-21 20:21 - 2016-12-21 20:21 - 00082304 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\libegl.dll
2016-06-02 18:06 - 2016-06-02 18:06 - 01650560 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libglesv2.dll
2016-06-02 18:06 - 2016-06-02 18:06 - 00082304 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libegl.dll
2017-03-02 22:14 - 2017-02-23 16:30 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-03-02 22:14 - 2017-02-23 16:30 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-03-02 22:14 - 2017-02-23 16:30 - 02443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-03-02 22:14 - 2017-02-23 16:30 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-03-02 22:14 - 2017-02-23 16:30 - 00543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-03-02 22:14 - 2017-02-23 16:30 - 00468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\XPS 15 Wallpaper Red Mum Flower WQHD.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{2F42B276-C379-4C67-A403-5C41C0EB2867}C:\program files\eclipse\eclipse_neon_2\eclipse.exe] => (Allow) C:\program files\eclipse\eclipse_neon_2\eclipse.exe
FirewallRules: [UDP Query User{674FA980-0D83-4B0C-8A2D-91254383B5BF}C:\program files\eclipse\eclipse_neon_2\eclipse.exe] => (Allow) C:\program files\eclipse\eclipse_neon_2\eclipse.exe
FirewallRules: [TCP Query User{337CD8FB-948A-464B-9DF2-1D9FB107B346}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe
FirewallRules: [UDP Query User{1A63221C-06AC-467E-A04F-C3D7A642F661}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe
FirewallRules: [TCP Query User{668B1D3E-EFAD-47E2-B5F8-871899C4E3B7}C:\users\robin\appdata\local\raidar\raidar.exe] => (Allow) C:\users\robin\appdata\local\raidar\raidar.exe
FirewallRules: [UDP Query User{2BB90E6B-A6F5-40CF-95D7-B185993D1576}C:\users\robin\appdata\local\raidar\raidar.exe] => (Allow) C:\users\robin\appdata\local\raidar\raidar.exe
FirewallRules: [{47802D7A-3EFE-4B66-A5C3-91BAFEDD276E}] => (Allow) C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe
FirewallRules: [{10322437-84B3-4013-9860-E54975D668BD}] => (Allow) C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe
FirewallRules: [{EAF54FC7-4FBC-4B3D-ADED-9665D2E6CE9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{9FC93204-8D30-48FF-91ED-C15D30BD30D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{1D1D88A1-4B0D-4CF0-A22F-A4FF3EBA4EDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{BB9C5582-0D58-4449-AF4C-9A1848D7742F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4276B9F8-DD16-4181-9799-C3EC6889AFB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{24E29BD7-0E93-4F98-A77A-14B6B7A5E748}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{BF415850-EF03-4F0E-A993-38ACCDA00F4C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{1F016856-6A94-441F-9783-36C5B6CDD52E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{27F7A04A-7C4B-41D8-97F0-87FA7617A644}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{CC5FE35E-0BCE-4C3D-B2F7-C9F214017759}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{1D7B8FA1-256A-4120-B307-7F55AE5EE035}C:\program files (x86)\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{83260F9F-5C18-4F49-B413-B4789DF0D66A}C:\program files (x86)\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{0D96CAEE-A1D4-427C-834D-A670D618BD42}C:\program files (x86)\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{BDBF7F29-ED7D-4620-B957-17111D6C6277}C:\program files (x86)\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{A17AEE49-7E40-42BC-A867-4AFD1E8FEBB5}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe
FirewallRules: [{B29B8897-7E64-4B5D-A32C-67AC1437B22E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{4CD07DC7-87E3-4E70-A796-0B90CCCCD74E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{4C8357B9-C4A9-4841-A20E-E5484959041B}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [{69D1D28C-97B9-4EF1-AE94-48C3D4D07CDC}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [{51B55648-FE3C-4EB8-99A7-6360A04CA2CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

11-04-2017 20:44:19 IIF_MSI
11-04-2017 21:56:39 JRT Pre-Junkware Removal
15-04-2017 19:33:26 Windows Update
15-04-2017 20:23:11 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/17/2017 07:43:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (04/15/2017 09:02:00 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [4] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:DELLSUPPORT, Partition:PartitionPos {disk:0, part:6}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

Error: (04/15/2017 09:02:00 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [4] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:Image, Partition:PartitionPos {disk:0, part:5}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

Error: (04/15/2017 08:23:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (04/15/2017 08:04:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PremierColor.exe, version: 3.1.0.2, time stamp: 0x58096a2b
Faulting module name: PremierColor.exe, version: 3.1.0.2, time stamp: 0x58096a2b
Exception code: 0xc0000005
Fault offset: 0x00000000000e5cf4
Faulting process id: 0x2cb0
Faulting application start time: 0x01d2b612b011c7a3
Faulting application path: C:\Program Files\Portrait Displays\Dell PremierColor\PremierColor.exe
Faulting module path: C:\Program Files\Portrait Displays\Dell PremierColor\PremierColor.exe
Report Id: f754213a-07a4-4435-9366-a5bffad78dad
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/15/2017 07:46:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (04/15/2017 07:35:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MRT.exe, version: 5.47.13703.0, time stamp: 0x58dec9f9
Faulting module name: combase.dll, version: 10.0.14393.953, time stamp: 0x58ba5954
Exception code: 0xc0000005
Fault offset: 0x00000000000b071c
Faulting process id: 0x183c
Faulting application start time: 0x01d2b60e6b2c3fc0
Faulting application path: C:\Windows\system32\MRT.exe
Faulting module path: C:\Windows\System32\combase.dll
Report Id: fc6c35e5-c3b1-46d6-8cd2-f96d9f67f7cf
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/15/2017 07:33:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (04/11/2017 09:56:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (04/11/2017 09:50:11 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [10] ERROR- Failed to loadData! #StackInfo#


System errors:
=============
Error: (04/17/2017 07:25:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/17/2017 07:25:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/17/2017 07:25:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/15/2017 11:32:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/15/2017 11:16:23 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.178.55.
The computer with the IP address 192.168.178.1 did not allow the name to be claimed by
this computer.

Error: (04/15/2017 11:15:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/15/2017 09:28:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/15/2017 08:30:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/15/2017 08:30:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/15/2017 08:30:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================
  Date: 2017-04-05 20:36:29.798
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ea62e0c945f71b38\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-18 22:00:41.442
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_94ef852442bb9b92\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-10 18:47:29.551
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_94ef852442bb9b92\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-08 20:05:16.956
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_0b48067f69110820\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-05 18:12:29.182
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_0b48067f69110820\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-02 19:41:38.299
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_0b48067f69110820\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 29%
Total physical RAM: 16202 MB
Available physical RAM: 11383.42 MB
Total Virtual: 18634 MB
Available Virtual: 13796.88 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:462.86 GB) (Free:311.15 GB) NTFS
Drive d: (Doom) (CDROM) (Total:62.3 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 2599A35B)

Partition: GPT.

==================== End of Addition.txt ============================

Robin78 · 17.04.2017, 19:37

TDSSKiller Teil 1

Code:

ATTFilter

20:27:51.0003 0x25cc  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
20:27:51.0003 0x25cc  UEFI system
20:28:13.0417 0x25cc  ============================================================
20:28:13.0417 0x25cc  Current date / time: 2017/04/17 20:28:13.0417
20:28:13.0449 0x25cc  SystemInfo:
20:28:13.0449 0x25cc  
20:28:13.0449 0x25cc  OS Version: 10.0.14393 ServicePack: 0.0
20:28:13.0449 0x25cc  Product type: Workstation
20:28:13.0449 0x25cc  ComputerName: DESKTOP-1H69R6C
20:28:13.0449 0x25cc  UserName: robin
20:28:13.0449 0x25cc  Windows directory: C:\Windows
20:28:13.0449 0x25cc  System windows directory: C:\Windows
20:28:13.0449 0x25cc  Running under WOW64
20:28:13.0449 0x25cc  Processor architecture: Intel x64
20:28:13.0449 0x25cc  Number of processors: 8
20:28:13.0449 0x25cc  Page size: 0x1000
20:28:13.0449 0x25cc  Boot type: Normal boot
20:28:13.0449 0x25cc  CodeIntegrityOptions = 0x0000C001
20:28:13.0449 0x25cc  ============================================================
20:28:13.0533 0x25cc  KLMD registered as C:\Windows\system32\drivers\41959427.sys
20:28:13.0533 0x25cc  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1066, osProperties = 0x19
20:28:14.0065 0x25cc  System UUID: {3D37F0F1-94DF-CD7E-13B6-1BC3BCAA0E57}
20:28:14.0503 0x25cc  Drive \Device\Harddisk0\DR0 - Size: 0x773C256000 ( 476.94 Gb ), SectorSize: 0x200, Cylinders: 0xF334, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:28:14.0503 0x25cc  ============================================================
20:28:14.0503 0x25cc  \Device\Harddisk0\DR0:
20:28:14.0503 0x25cc  GPT partitions:
20:28:14.0503 0x25cc  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {3264B689-F97C-4AF1-A2D0-1D10E4326E2E}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000
20:28:14.0503 0x25cc  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CFD616C3-5588-44A4-9CAD-38E7BBFAD347}, Name: Microsoft reserved partition, StartLBA 0xFA800, BlocksNum 0x40000
20:28:14.0503 0x25cc  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {24CEBC42-377A-43DA-A2DD-A99D09C80AEC}, Name: Basic data partition, StartLBA 0x13A800, BlocksNum 0x39DB9800
20:28:14.0503 0x25cc  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C137EADE-83E1-4317-BF10-56588F0CB9C5}, Name: , StartLBA 0x39EF4000, BlocksNum 0xE7000
20:28:14.0503 0x25cc  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9DBBAB45-1BB0-41D3-B831-CB26B7D7DA18}, Name: , StartLBA 0x39FDB000, BlocksNum 0x17BB800
20:28:14.0503 0x25cc  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FB4273FE-4B79-4738-ADB8-C68575F7D8AE}, Name: , StartLBA 0x3B797000, BlocksNum 0x24A000
20:28:14.0503 0x25cc  MBR partitions:
20:28:14.0503 0x25cc  ============================================================
20:28:14.0503 0x25cc  C: <-> \Device\Harddisk0\DR0\Partition3
20:28:14.0503 0x25cc  ============================================================
20:28:14.0503 0x25cc  Initialize success
20:28:14.0503 0x25cc  ============================================================
20:29:12.0792 0x1684  ============================================================
20:29:12.0792 0x1684  Scan started
20:29:12.0792 0x1684  Mode: Manual; SigCheck; TDLFS; 
20:29:12.0792 0x1684  ============================================================
20:29:12.0792 0x1684  KSN ping started
20:29:13.0145 0x1684  KSN ping finished: true
20:29:13.0628 0x1684  ================ Scan system memory ========================
20:29:13.0628 0x1684  System memory - ok
20:29:13.0628 0x1684  ================ Scan services =============================
20:29:13.0691 0x1684  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
20:29:13.0744 0x1684  1394ohci - ok
20:29:13.0760 0x1684  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\Windows\system32\drivers\3ware.sys
20:29:13.0775 0x1684  3ware - ok
20:29:13.0806 0x1684  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:29:13.0829 0x1684  ACPI - ok
20:29:13.0829 0x1684  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\Windows\System32\drivers\AcpiDev.sys
20:29:13.0844 0x1684  AcpiDev - ok
20:29:13.0844 0x1684  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
20:29:13.0860 0x1684  acpiex - ok
20:29:13.0860 0x1684  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
20:29:13.0876 0x1684  acpipagr - ok
20:29:13.0876 0x1684  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
20:29:13.0891 0x1684  AcpiPmi - ok
20:29:13.0891 0x1684  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
20:29:13.0907 0x1684  acpitime - ok
20:29:13.0960 0x1684  [ 95FF82767D666AC11CF644FDA976270D, CEF6BD96C59438B0AA01334FD0DCC719229E8DF17453519ECE79491CBEF5354E ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:29:13.0975 0x1684  AdobeFlashPlayerUpdateSvc - ok
20:29:13.0991 0x1684  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
20:29:14.0045 0x1684  ADP80XX - ok
20:29:14.0060 0x1684  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\Windows\system32\drivers\afd.sys
20:29:14.0076 0x1684  AFD - ok
20:29:14.0091 0x1684  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
20:29:14.0107 0x1684  ahcache - ok
20:29:14.0128 0x1684  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\Windows\System32\AJRouter.dll
20:29:14.0129 0x1684  AJRouter - ok
20:29:14.0145 0x1684  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\Windows\System32\alg.exe
20:29:14.0160 0x1684  ALG - ok
20:29:14.0176 0x1684  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
20:29:14.0192 0x1684  AmdK8 - ok
20:29:14.0207 0x1684  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
20:29:14.0230 0x1684  AmdPPM - ok
20:29:14.0230 0x1684  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:29:14.0245 0x1684  amdsata - ok
20:29:14.0261 0x1684  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
20:29:14.0292 0x1684  amdsbs - ok
20:29:14.0292 0x1684  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:29:14.0308 0x1684  amdxata - ok
20:29:14.0308 0x1684  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\Windows\system32\drivers\appid.sys
20:29:14.0329 0x1684  AppID - ok
20:29:14.0330 0x1684  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:29:14.0345 0x1684  AppIDSvc - ok
20:29:14.0345 0x1684  [ 79A87DD43331290A276C02DC396BF530, D0781DC027EE60C94831A2C9C3DD741F8F2100A253CD847E7FCFA59919014278 ] Appinfo         C:\Windows\System32\appinfo.dll
20:29:14.0361 0x1684  Appinfo - ok
20:29:14.0361 0x1684  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\Windows\system32\drivers\applockerfltr.sys
20:29:14.0377 0x1684  applockerfltr - ok
20:29:14.0392 0x1684  [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt         C:\Windows\System32\appmgmts.dll
20:29:14.0408 0x1684  AppMgmt - ok
20:29:14.0430 0x1684  [ 32155E028491267CF2DB6085A0B7E359, 562831841293E4849CD01992DECE39B9B3C0835DCD352994CA2E2FE1C76A7CB3 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
20:29:14.0461 0x1684  AppReadiness - ok
20:29:14.0477 0x1684  [ 99CA3E622070FDBD7B75EB7E86B2DE40, 12BDD092667250EBC99B4D597897C1B2C83115CD83ECCDEAC36B2D9C9BEA77B6 ] AppVClient      C:\Windows\system32\AppVClient.exe
20:29:14.0530 0x1684  AppVClient - ok
20:29:14.0530 0x1684  [ B66ED2CB37F7E4696A51612AFBA08834, 70BA67AF7F1290E3145B873B53516F138E50D8AAC80CD00CBA66467ABC6643CB ] AppvStrm        C:\Windows\system32\drivers\AppvStrm.sys
20:29:14.0545 0x1684  AppvStrm - ok
20:29:14.0545 0x1684  [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr       C:\Windows\system32\drivers\AppvVemgr.sys
20:29:14.0561 0x1684  AppvVemgr - ok
20:29:14.0561 0x1684  [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs         C:\Windows\system32\drivers\AppvVfs.sys
20:29:14.0576 0x1684  AppvVfs - ok
20:29:14.0645 0x1684  [ 95415C7C5C43882F7163CA07D956ADA2, 5A082F36A39BE9ABC47AE8A72972554BA577EB04D8018EC862615EA2130FA0E3 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
20:29:14.0708 0x1684  AppXSvc - ok
20:29:14.0745 0x1684  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:29:14.0760 0x1684  arcsas - ok
20:29:14.0760 0x1684  [ 1C4D6E2EC11D366D03004D2E84071685, 1060EAB1D83BDF19E310012E3C3337F138C15994705F73BDF4B0A90120A6DABA ] asmthub3        C:\Windows\System32\drivers\asmthub3.sys
20:29:14.0776 0x1684  asmthub3 - ok
20:29:14.0807 0x1684  [ AB7FDD1A95C43F7C6C35BF023E411267, 72AB10932EDE29D8087FA63F1E287FC2D89D2010455233CBBC12C698DB905F42 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
20:29:14.0829 0x1684  asmtxhci - ok
20:29:14.0829 0x1684  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\Windows\System32\drivers\asyncmac.sys
20:29:14.0845 0x1684  AsyncMac - ok
20:29:14.0860 0x1684  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:29:14.0860 0x1684  atapi - ok
20:29:14.0876 0x1684  [ 344566D820BED968FA65F5F7F14D56D4, 9B483FF87EEA67D5A2FC233F4735D676777B7478929D5B30D439C81EC2D2B66C ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
20:29:14.0907 0x1684  AtherosSvc - ok
20:29:14.0925 0x1684  [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
20:29:14.0945 0x1684  AudioEndpointBuilder - ok
20:29:14.0976 0x1684  [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:29:15.0030 0x1684  Audiosrv - ok
20:29:15.0030 0x1684  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:29:15.0046 0x1684  AxInstSV - ok
20:29:15.0046 0x1684  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
20:29:15.0061 0x1684  b06bdrv - ok
20:29:15.0077 0x1684  [ 94D6B95485BFA35D81524B0EBA0F7569, 14A32CD501B1D816526A75A9EB3782E6C4FF78831628F257050AD2BA73733F57 ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
20:29:15.0077 0x1684  BasicDisplay - ok
20:29:15.0092 0x1684  [ 2E78B31C90766FD086D2B766528E9AEA, D0D9ED8AD90E3D400DA4231AB313B4B2869930DADC3034D6FCDEA000E424F843 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
20:29:15.0092 0x1684  BasicRender - ok
20:29:15.0092 0x1684  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\Windows\System32\drivers\bcmfn.sys
20:29:15.0108 0x1684  bcmfn - ok
20:29:15.0108 0x1684  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
20:29:15.0125 0x1684  bcmfn2 - ok
20:29:15.0130 0x1684  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:29:15.0146 0x1684  BDESVC - ok
20:29:15.0146 0x1684  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\Windows\system32\drivers\Beep.sys
20:29:15.0161 0x1684  Beep - ok
20:29:15.0161 0x1684  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\Windows\System32\bfe.dll
20:29:15.0208 0x1684  BFE - ok
20:29:15.0208 0x1684  [ DFFDD29A2D782F6A497F43F2A7328D14, 9260966C64038F4E1D746F940D46DEB87FE5DD1288BF87428B197F2975863DBD ] BfLwf           C:\Windows\system32\DRIVERS\bwcW10x64.sys
20:29:15.0229 0x1684  BfLwf - ok
20:29:15.0246 0x1684  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\Windows\System32\qmgr.dll
20:29:15.0277 0x1684  BITS - ok
20:29:15.0277 0x1684  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:29:15.0293 0x1684  bowser - ok
20:29:15.0293 0x1684  [ 6A15C5140B6F7D9479A32276AC2BA108, 0A8C6DB88148C6DB61226DD2FF816BDF3FED9E7A60EF17CCA17FA7D9EEC01C71 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
20:29:15.0331 0x1684  BrokerInfrastructure - ok
20:29:15.0346 0x1684  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\Windows\System32\browser.dll
20:29:15.0362 0x1684  Browser - ok
20:29:15.0362 0x1684  [ 528C1166F873E1F5AE3D38748139036C, 4DB53DB42E7820D47DE15C41FD797BA0C0499C829CB7220700ACEECAD96B0EB0 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
20:29:15.0378 0x1684  BtFilter - ok
20:29:15.0378 0x1684  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
20:29:15.0393 0x1684  BthAvrcpTg - ok
20:29:15.0393 0x1684  [ 77630A51FAF6A07922FEE835F4DED8F6, E096A9DC12885FD19575346A9693A66D0DDFF96C3155AD2040F2BF4249D1D609 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
20:29:15.0409 0x1684  BthEnum - ok
20:29:15.0409 0x1684  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
20:29:15.0431 0x1684  BthHFEnum - ok
20:29:15.0431 0x1684  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
20:29:15.0447 0x1684  bthhfhid - ok
20:29:15.0462 0x1684  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
20:29:15.0493 0x1684  BthHFSrv - ok
20:29:15.0509 0x1684  [ 0AB691736D4D4029444AF62DE59CFD37, C1C22EFBF67331B87AB261BBF9813009257437BA02F728EC2DFA1A49ECC5FABF ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
20:29:15.0531 0x1684  BthLEEnum - ok
20:29:15.0531 0x1684  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
20:29:15.0547 0x1684  BTHMODEM - ok
20:29:15.0562 0x1684  [ 224BA1CB1F3C702F0D001D2AFC9793B1, F139F6F78C716E1167E16530AE31E4A26C2A69467BCB08A9A52A101B31DF7771 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
20:29:15.0578 0x1684  BthPan - ok
20:29:15.0609 0x1684  [ 851ED52AE3E62CD5374BD4BBFF7A9DAB, 381281CB7D8FC4026092330B06E24BC84EEF79EE3C97E21900D950D7D9AB2FC3 ] BTHPORT         C:\Windows\System32\drivers\BTHport.sys
20:29:15.0647 0x1684  BTHPORT - ok
20:29:15.0663 0x1684  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\Windows\system32\bthserv.dll
20:29:15.0663 0x1684  bthserv - ok
20:29:15.0678 0x1684  [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB          C:\Windows\System32\drivers\BTHUSB.sys
20:29:15.0678 0x1684  BTHUSB - ok
20:29:15.0694 0x1684  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\Windows\System32\drivers\buttonconverter.sys
20:29:15.0694 0x1684  buttonconverter - ok
20:29:15.0710 0x1684  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\Windows\System32\drivers\capimg.sys
20:29:15.0710 0x1684  CapImg - ok
20:29:15.0726 0x1684  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:29:15.0732 0x1684  cdfs - ok
20:29:15.0732 0x1684  [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc          C:\Windows\System32\CDPSvc.dll
20:29:15.0747 0x1684  CDPSvc - ok
20:29:15.0763 0x1684  [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc      C:\Windows\System32\CDPUserSvc.dll
20:29:15.0779 0x1684  CDPUserSvc - ok
20:29:15.0794 0x1684  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\Windows\System32\drivers\cdrom.sys
20:29:15.0829 0x1684  cdrom - ok
20:29:15.0832 0x1684  [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:29:15.0848 0x1684  CertPropSvc - ok
20:29:15.0863 0x1684  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\Windows\system32\drivers\cht4sx64.sys
20:29:15.0894 0x1684  cht4iscsi - ok
20:29:15.0948 0x1684  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\Windows\System32\drivers\cht4vx64.sys
20:29:16.0010 0x1684  cht4vbd - ok
20:29:16.0010 0x1684  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\Windows\System32\drivers\circlass.sys
20:29:16.0010 0x1684  circlass - ok
20:29:16.0032 0x1684  [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
20:29:16.0063 0x1684  CLFS - ok
20:29:16.0164 0x1684  [ F7BCDE28B6F0A57AD443DF3AA26F0052, A2AD94A8B89B22C5AD4B6926617338E867392A27F166CB70591788EC8651387F ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
20:29:16.0227 0x1684  ClickToRunSvc - ok
20:29:16.0264 0x1684  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\Windows\System32\ClipSVC.dll
20:29:16.0295 0x1684  ClipSVC - ok
20:29:16.0295 0x1684  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\Windows\System32\drivers\registry.sys
20:29:16.0311 0x1684  clreg - ok
20:29:16.0330 0x1684  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
20:29:16.0333 0x1684  CmBatt - ok
20:29:16.0348 0x1684  [ 4289C913D7E2FE963ABB096AA99CB1F7, 49D9008C5E18F62751D2312CE4F49DFBC04ACBBFDD950F0437F35AC21318041B ] CNG             C:\Windows\system32\Drivers\cng.sys
20:29:16.0364 0x1684  CNG - ok
20:29:16.0380 0x1684  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\Windows\system32\DRIVERS\cnghwassist.sys
20:29:16.0380 0x1684  cnghwassist - ok
20:29:16.0395 0x1684  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
20:29:16.0411 0x1684  CompositeBus - ok
20:29:16.0411 0x1684  COMSysApp - ok
20:29:16.0411 0x1684  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\Windows\system32\drivers\condrv.sys
20:29:16.0433 0x1684  condrv - ok
20:29:16.0433 0x1684  [ 9E3B10C490D860F3ED8F61FD0FD5B828, A21CB206A09053C7D9C94F2B71F53A40B3810D02A70C3D6AA0B48676BA5753BD ] CoreMessagingRegistrar C:\Windows\system32\coremessaging.dll
20:29:16.0464 0x1684  CoreMessagingRegistrar - ok
20:29:16.0464 0x1684  [ C45F1937344D59F52080C8B70B1B72D1, E016EC7AC3367F0C5DDBF8D912CDDD3217C08C317C4E412E25BDB16DE2FD7E85 ] cphs            C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\IntelCpHeciSvc.exe
20:29:16.0480 0x1684  cphs - ok
20:29:16.0496 0x1684  [ 36098E9D0C5C9D76CAA6C4E3EAA65B4A, 3F2B10B0A2C844E527498143859FE201CD733520EC9F3695A973FA99E83BD95D ] cplspcon        C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\IntelCpHDCPSvc.exe
20:29:16.0533 0x1684  cplspcon - ok
20:29:16.0533 0x1684  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:29:16.0549 0x1684  CryptSvc - ok
20:29:16.0565 0x1684  [ EC2EA2F6C6D23315C20B4829F00D0440, BF1F47C3485E9112FB64F582DFA4679455203574F82A5ADB222BDA1FED1601E6 ] CSC             C:\Windows\system32\drivers\csc.sys
20:29:16.0596 0x1684  CSC - ok
20:29:16.0612 0x1684  [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService      C:\Windows\System32\cscsvc.dll
20:29:16.0634 0x1684  CscService - ok
20:29:16.0649 0x1684  [ 3BBD0073265DA6D3EFBA54B26E5D8236, 3C10C8BEC0D8AC41A3FBD589F41A83D6345C1FDD04B8B99063B2F5670CF10B18 ] dam             C:\Windows\system32\drivers\dam.sys
20:29:16.0665 0x1684  dam - ok
20:29:16.0681 0x1684  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:29:16.0712 0x1684  DcomLaunch - ok
20:29:16.0729 0x1684  [ 28F29BD130E14884F3339EADE6D67D05, 637B63BE56F2456E2FBD986B2C07469DE395E34D7D8D20B0AE7F90248E4073FB ] dcpm-notify     C:\Program Files\Dell\CommandPowerManager\NotifyService.exe
20:29:16.0734 0x1684  dcpm-notify - ok
20:29:16.0734 0x1684  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\Windows\system32\dcpsvc.dll
20:29:16.0765 0x1684  DcpSvc - ok
20:29:16.0765 0x1684  [ E059E87B2A727A3878A3F6D6DBC837EA, A88A3655B4E6ABA4A0B9C8EB444721DEC8A084599F2AAA7C27D6AE440C46B8AA ] dcu-oobe        C:\Program Files (x86)\Dell\CommandUpdate\OobeService.exe
20:29:16.0765 0x1684  dcu-oobe - ok
20:29:16.0781 0x1684  [ BD89DC317123C6B94735F476D0BA3B7E, 56AFE90E03EA070D700886834B54FD8860306F8AAC42A5A96F1D8501C8A6B936 ] DDDriver        C:\Windows\system32\drivers\DDDriver64Dcsa.sys
20:29:16.0781 0x1684  DDDriver - ok
20:29:16.0797 0x1684  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:29:16.0828 0x1684  defragsvc - ok
20:29:16.0833 0x1684  [ 0E805853B07538A381E79E4649F59CA7, AB872D1A76F0B57FD824042F4736F3232D2BA1D70AC9E8BE79601F72C81F3505 ] Dell SupportAssist Remediation C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
20:29:16.0834 0x1684  Dell SupportAssist Remediation - ok
20:29:16.0834 0x1684  Dell.CommandPowerManager.Service - ok
20:29:16.0897 0x1684  [ 14B6DC9ABC4223B1CF6AA182FFE03CC3, FFBCA95107358301DBD9A617978950ACC750599C11A339897433C1C4FA192FEF ] DellDataVault   C:\Program Files\Dell\DellDataVault\DellDataVault.exe
20:29:16.0950 0x1684  DellDataVault - ok
20:29:16.0965 0x1684  [ 090FA228FD3BACD10900D4EED7D45383, 94143C23FD228D6B71857CBB0CD4A3EBE27CE6468B97FBD9F7B0CEC8CB731313 ] DellDataVaultWiz C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
20:29:16.0965 0x1684  DellDataVaultWiz - ok
20:29:16.0981 0x1684  [ 9F39F1192E4BE14FD6E4D2B4A9FB1579, 659E843B449E4921F59BAE8ADFEF659E5388518CAE5D7F6CA3BA41EA041D2142 ] DellPremierColorService C:\Program Files\Portrait Displays\Dell PremierColor\PremierColorService.exe
20:29:16.0981 0x1684  DellPremierColorService - ok
20:29:16.0997 0x1684  [ 0D9B164719B109911B30084B3B0D05A1, F459257F439432E1C8626CF679EC9BE8C0E807A661C8446CA4580263BA154952 ] DellProf        C:\Windows\system32\drivers\DellProf.sys
20:29:16.0997 0x1684  DellProf - ok
20:29:17.0012 0x1684  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\Windows\system32\das.dll
20:29:17.0030 0x1684  DeviceAssociationService - ok
20:29:17.0034 0x1684  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
20:29:17.0050 0x1684  DeviceInstall - ok
20:29:17.0050 0x1684  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\Windows\system32\DevQueryBroker.dll
20:29:17.0050 0x1684  DevQueryBroker - ok
20:29:17.0066 0x1684  [ 4BC21E937E9F9F408672D2C2CBE4A153, 2F27560D09D184ABB7B4415146F5B8DE56C84FF74A4042596635EF896E39CBC4 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
20:29:17.0081 0x1684  Dfsc - ok
20:29:17.0097 0x1684  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:29:17.0135 0x1684  Dhcp - ok
20:29:17.0150 0x1684  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
20:29:17.0166 0x1684  diagnosticshub.standardcollector.service - ok
20:29:17.0235 0x1684  [ EE32B36EA7CBD9BBA26B137C84943E23, BD5DDA2DEAF2D2CF6B24AED81C3EDBFECF6402A7B6A5D49FEDF334FF03CACB86 ] DiagTrack       C:\Windows\system32\diagtrack.dll
20:29:17.0298 0x1684  DiagTrack - ok
20:29:17.0366 0x1684  [ 157A87652B6150F4552C8F5BE2846418, D2E0C848CDB5FC82901CBB0DBC8663037C8FA14A78ED80DBAEE6CC7DD49FF83B ] Disc Soft Lite Bus Service C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
20:29:17.0397 0x1684  Disc Soft Lite Bus Service - ok
20:29:17.0413 0x1684  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\Windows\system32\drivers\disk.sys
20:29:17.0413 0x1684  disk - ok
20:29:17.0435 0x1684  [ A1D7F926ABE7895D18467FF9A5EE7FC7, 2922C92D31EA50A126594967D325B21936432D1BB9C941416989B6848DF890E2 ] DmEnrollmentSvc C:\Windows\system32\Windows.Internal.Management.dll
20:29:17.0451 0x1684  DmEnrollmentSvc - ok
20:29:17.0451 0x1684  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
20:29:17.0466 0x1684  dmvsc - ok
20:29:17.0466 0x1684  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\Windows\system32\dmwappushsvc.dll
20:29:17.0482 0x1684  dmwappushservice - ok
20:29:17.0482 0x1684  [ 86E507EE1457D7FA463BBF05BA76EB1E, 2D2D05CED57C22F41684DC6DD00ACECDF708407493286B2D4007068154E436FF ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:29:17.0497 0x1684  Dnscache - ok
20:29:17.0497 0x1684  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\Windows\System32\dot3svc.dll
20:29:17.0513 0x1684  dot3svc - ok
20:29:17.0533 0x1684  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\Windows\system32\dps.dll
20:29:17.0535 0x1684  DPS - ok
20:29:17.0535 0x1684  [ BA6D7FBD468074DBA4F053BF868CC31C, C808EF2752E2176032DBAC8C12A624CAD3D3495F8C9A9336D25A15A750BF9CBF ] dptf_acpi       C:\Windows\System32\drivers\dptf_acpi.sys
20:29:17.0551 0x1684  dptf_acpi - ok
20:29:17.0551 0x1684  [ E3FF0C39090CEF3C46DBEF72F70ADCE7, 7F91DB567D9BFEB25FD8407C22725734E5975E68A101EBCC0345A72A7C3B791C ] dptf_cpu        C:\Windows\System32\drivers\dptf_cpu.sys
20:29:17.0567 0x1684  dptf_cpu - ok
20:29:17.0567 0x1684  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\Windows\system32\DRIVERS\drmkaud.sys
20:29:17.0567 0x1684  drmkaud - ok
20:29:17.0582 0x1684  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
20:29:17.0598 0x1684  DsmSvc - ok
20:29:17.0598 0x1684  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\Windows\System32\DsSvc.dll
20:29:17.0613 0x1684  DsSvc - ok
20:29:17.0629 0x1684  [ 679FF716052109392D870F6A6C4A3535, BEF1784448CCA4AF1D67ED68BD0C7CFE01A7719E98CACF92C2DCBFAA916DC57E ] dtlitescsibus   C:\Windows\System32\drivers\dtlitescsibus.sys
20:29:17.0635 0x1684  dtlitescsibus - ok
20:29:17.0635 0x1684  [ E23FDD696839A4790682CA66C48D3F2F, F5F0721BDA751968224E52E75D0C309A3E084C430CD98E85A55AF622D16B9A44 ] dtliteusbbus    C:\Windows\System32\drivers\dtliteusbbus.sys
20:29:17.0651 0x1684  dtliteusbbus - ok
20:29:17.0713 0x1684  [ 2DD9CF863320D5EDEA3ED9B8ED280BB0, CC35571FBA2E6E617CF93F778351ED3B3EA16F0B301C5433E94AD328E6EEA0FF ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:29:17.0767 0x1684  DXGKrnl - ok
20:29:17.0798 0x1684  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\Windows\System32\eapsvc.dll
20:29:17.0814 0x1684  EapHost - ok
20:29:17.0903 0x1684  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
20:29:17.0967 0x1684  ebdrv - ok
20:29:17.0998 0x1684  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\Windows\System32\lsass.exe
20:29:18.0014 0x1684  EFS - ok
20:29:18.0036 0x1684  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
20:29:18.0052 0x1684  EhStorClass - ok
20:29:18.0052 0x1684  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
20:29:18.0067 0x1684  EhStorTcgDrv - ok
20:29:18.0114 0x1684  [ FC5412E3F89F9E53494D3C093676D578, CAB2E0388CED31FCD182CBA400FBE464A6B377395D31D047F44D8BED0EDECE70 ] ElfoService     C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe
20:29:18.0152 0x1684  ElfoService - ok
20:29:18.0152 0x1684  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\Windows\System32\embeddedmodesvc.dll
20:29:18.0167 0x1684  embeddedmode - ok
20:29:18.0167 0x1684  [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc       C:\Windows\system32\EnterpriseAppMgmtSvc.dll
20:29:18.0183 0x1684  EntAppSvc - ok
20:29:18.0198 0x1684  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
20:29:18.0198 0x1684  ErrDev - ok
20:29:18.0267 0x1684  [ 5726DCC37AA48A0C14942370117758E3, 93F9A177D5ECA6DDDE4B9288E3B5E0905CEB797B4FE4CA36A4127B60EF3DDA02 ] esifsvc         C:\Windows\system32\Intel\DPTF\esif_uf.exe
20:29:18.0314 0x1684  esifsvc - ok
20:29:18.0314 0x1684  [ 4B5D0135E2DEC933413D423DA4E97235, C9CE7D503E09AFCE463D8E14BAC6FD7879F2AFD13975F88F2DDF59EB9D222536 ] esif_lf         C:\Windows\system32\DRIVERS\esif_lf.sys
20:29:18.0336 0x1684  esif_lf - ok
20:29:18.0352 0x1684  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\Windows\system32\es.dll
20:29:18.0399 0x1684  EventSystem - ok
20:29:18.0399 0x1684  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\Windows\system32\drivers\exfat.sys
20:29:18.0436 0x1684  exfat - ok
20:29:18.0452 0x1684  [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:29:18.0483 0x1684  fastfat - ok
20:29:18.0499 0x1684  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\Windows\system32\fxssvc.exe
20:29:18.0515 0x1684  Fax - ok
20:29:18.0531 0x1684  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\Windows\System32\drivers\fdc.sys
20:29:18.0537 0x1684  fdc - ok
20:29:18.0537 0x1684  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\Windows\system32\fdPHost.dll
20:29:18.0552 0x1684  fdPHost - ok
20:29:18.0552 0x1684  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\Windows\system32\fdrespub.dll
20:29:18.0568 0x1684  FDResPub - ok
20:29:18.0584 0x1684  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\Windows\system32\fhsvc.dll
20:29:18.0599 0x1684  fhsvc - ok
20:29:18.0615 0x1684  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\Windows\system32\drivers\filecrypt.sys
20:29:18.0637 0x1684  FileCrypt - ok
20:29:18.0637 0x1684  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:29:18.0653 0x1684  FileInfo - ok
20:29:18.0653 0x1684  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:29:18.0684 0x1684  Filetrace - ok
20:29:18.0684 0x1684  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
20:29:18.0700 0x1684  flpydisk - ok
20:29:18.0715 0x1684  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:29:18.0737 0x1684  FltMgr - ok
20:29:18.0769 0x1684  [ 2E193D24CE8460A9C703D0F193192BEF, CD95928BC240D556DFEA265A09A655FFE157A36D2230CD10BBAD4CA15CB98412 ] FontCache       C:\Windows\system32\FntCache.dll
20:29:18.0816 0x1684  FontCache - ok
20:29:18.0836 0x1684  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:29:18.0838 0x1684  FontCache3.0.0.0 - ok
20:29:18.0869 0x1684  [ 02C0D16BBEF9C7CCE913D22BF01B2987, 30F3D901A83678500B8EC36F263E2B18EEE11F9D025DA24C10F10FFD46A7A9AB ] FoxitReaderService C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
20:29:18.0900 0x1684  FoxitReaderService - ok
20:29:18.0916 0x1684  [ CD7CD19E72EA2F597D01FC68ECD2F28E, 4E8BAA4AEF28B043780E2FEFFEB5E4DF4E2FB3211CE617D2DBAFB6C7B7DBBDFD ] FrameServer     C:\Windows\system32\FrameServer.dll
20:29:18.0954 0x1684  FrameServer - ok
20:29:18.0954 0x1684  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:29:18.0954 0x1684  FsDepends - ok
20:29:18.0969 0x1684  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:29:18.0969 0x1684  Fs_Rec - ok
20:29:19.0000 0x1684  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:29:19.0038 0x1684  fvevol - ok
20:29:19.0038 0x1684  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
20:29:19.0053 0x1684  gencounter - ok
20:29:19.0053 0x1684  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\Windows\System32\drivers\genericusbfn.sys
20:29:19.0069 0x1684  genericusbfn - ok
20:29:19.0069 0x1684  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
20:29:19.0085 0x1684  GPIOClx0101 - ok
20:29:19.0136 0x1684  [ 8997353398C8466ECD183942D5FCC65B, C73FD5FFD71003F7FDDC17F59812BD6860992FA35EC0ECC8DE37D935606B485B ] gpsvc           C:\Windows\System32\gpsvc.dll
20:29:19.0169 0x1684  gpsvc - ok
20:29:19.0185 0x1684  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\Windows\system32\drivers\gpuenergydrv.sys
20:29:19.0185 0x1684  GpuEnergyDrv - ok
20:29:19.0185 0x1684  [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:29:19.0200 0x1684  gupdate - ok
20:29:19.0216 0x1684  [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:29:19.0216 0x1684  gupdatem - ok
20:29:19.0237 0x1684  [ 217230B984AB2954E2FA5E36578D7B08, BB7B79EA7501A28EB2A0303FDF66FB9D59D567994C25A1523CD6D2081C403AF6 ] HdAudAddService C:\Windows\system32\DRIVERS\HdAudio.sys
20:29:19.0269 0x1684  HdAudAddService - ok
20:29:19.0284 0x1684  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
20:29:19.0300 0x1684  HDAudBus - ok
20:29:19.0300 0x1684  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
20:29:19.0316 0x1684  HidBatt - ok
20:29:19.0337 0x1684  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\Windows\System32\drivers\hidbth.sys
20:29:19.0354 0x1684  HidBth - ok
20:29:19.0354 0x1684  [ B6F57844A98EB86D51F59DCC144F9EAF, 0229F0114CB0EB8665CF0DE429B6723276A538E793F023EF1DA299130D9C52FC ] HidEventFilter  C:\Windows\System32\drivers\HidEventFilter.sys
20:29:19.0369 0x1684  HidEventFilter - ok
20:29:19.0369 0x1684  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
20:29:19.0385 0x1684  hidi2c - ok
20:29:19.0400 0x1684  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\Windows\System32\drivers\hidinterrupt.sys
20:29:19.0416 0x1684  hidinterrupt - ok
20:29:19.0416 0x1684  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\Windows\System32\drivers\hidir.sys
20:29:19.0438 0x1684  HidIr - ok
20:29:19.0438 0x1684  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\Windows\system32\hidserv.dll
20:29:19.0453 0x1684  hidserv - ok
20:29:19.0469 0x1684  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
20:29:19.0485 0x1684  HidUsb - ok
20:29:19.0500 0x1684  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:29:19.0533 0x1684  HomeGroupListener - ok
20:29:19.0538 0x1684  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:29:19.0585 0x1684  HomeGroupProvider - ok
20:29:19.0585 0x1684  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:29:19.0600 0x1684  HpSAMD - ok
20:29:19.0638 0x1684  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:29:19.0670 0x1684  HTTP - ok
20:29:19.0685 0x1684  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\Windows\System32\hvhostsvc.dll
20:29:19.0685 0x1684  HvHost - ok
20:29:19.0701 0x1684  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\Windows\system32\drivers\hvservice.sys
20:29:19.0701 0x1684  hvservice - ok
20:29:19.0716 0x1684  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:29:19.0716 0x1684  hwpolicy - ok
20:29:19.0737 0x1684  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
20:29:19.0739 0x1684  hyperkbd - ok
20:29:19.0754 0x1684  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
20:29:19.0770 0x1684  i8042prt - ok
20:29:19.0785 0x1684  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\Windows\System32\drivers\iagpio.sys
20:29:19.0801 0x1684  iagpio - ok
20:29:19.0801 0x1684  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\Windows\System32\drivers\iai2c.sys
20:29:19.0817 0x1684  iai2c - ok
20:29:19.0838 0x1684  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys
20:29:19.0854 0x1684  iaLPSS2i_GPIO2 - ok
20:29:19.0870 0x1684  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\Windows\System32\drivers\iaLPSS2i_I2C.sys
20:29:19.0885 0x1684  iaLPSS2i_I2C - ok
20:29:19.0885 0x1684  [ 456C87D2EB2ADC2F3DBA6667897BD393, B81655118364A1560E44F8CA5B3F568EC2C7BFC1E55A6FFBE928DCE3B099B941 ] iaLPSS2_GPIO2   C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys
20:29:19.0885 0x1684  iaLPSS2_GPIO2 - ok
20:29:19.0901 0x1684  [ E2C14D6C31F27C4C370E41484674BD81, 73AEB6E4A3F43F0EC33576DBC75C3259D5D4F9302C2D79871B66C47DE7D03C40 ] iaLPSS2_I2C     C:\Windows\System32\drivers\iaLPSS2_I2C.sys
20:29:19.0901 0x1684  iaLPSS2_I2C - ok
20:29:19.0917 0x1684  [ 187BB3CA635BF2F57E8F4EFDB2CF7B1B, C701AC32F77FB183BC1AD2D13973ABF5FDF1199886AA4E0BA8456600CF2ADD30 ] iaLPSS2_SPI     C:\Windows\System32\drivers\iaLPSS2_SPI.sys
20:29:19.0917 0x1684  iaLPSS2_SPI - ok
20:29:19.0936 0x1684  [ 641D449D8CFB2ACDBF4D09B4E17AD537, CDEBA85FE53D73ECC16D8E548C6FD7E79594A01AA926A8403517171CCC99ED28 ] iaLPSS2_UART2   C:\Windows\System32\drivers\iaLPSS2_UART2.sys
20:29:19.0939 0x1684  iaLPSS2_UART2 - ok
20:29:19.0939 0x1684  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
20:29:19.0954 0x1684  iaLPSSi_GPIO - ok
20:29:19.0954 0x1684  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
20:29:19.0970 0x1684  iaLPSSi_I2C - ok
20:29:19.0986 0x1684  [ DAC81D5EE5BAC7410F25B6571F08D4F4, 3D351941E41E5E767D4382053076B0D122FE895CB841AD59E79E2C878100D156 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
20:29:20.0001 0x1684  iaStorA - ok
20:29:20.0017 0x1684  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
20:29:20.0055 0x1684  iaStorAV - ok
20:29:20.0055 0x1684  [ 86ED826875D43D877E9E0D2E93FBE247, CCBFE5BEAB8B797C8522460C678D729662B21DDE87006255B921BEBC25ABAA63 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:29:20.0070 0x1684  IAStorDataMgrSvc - ok
20:29:20.0086 0x1684  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:29:20.0117 0x1684  iaStorV - ok
20:29:20.0139 0x1684  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\Windows\System32\drivers\ibbus.sys
20:29:20.0155 0x1684  ibbus - ok
20:29:20.0171 0x1684  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\Windows\System32\tetheringservice.dll
20:29:20.0186 0x1684  icssvc - ok
20:29:20.0386 0x1684  [ EB512E2A829D74A6797A07D80EF25FC9, F35A8739F6BFA3DB2BAE1794E68D3D55CED671FD38199798661DCF03C01DD1D5 ] igfx            C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igdkmd64.sys
20:29:20.0569 0x1684  igfx - ok
20:29:20.0583 0x1684  [ 38CB24BEA60C54C89FD9A365A3D16671, 0F13B5360D4A1A87AD31C1DCC30257F525FA43C5240A7E71006E7A7F82F8FCC5 ] igfxCUIService2.0.0.0 C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igfxCUIService.exe
20:29:20.0589 0x1684  igfxCUIService2.0.0.0 - ok
20:29:20.0605 0x1684  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\Windows\System32\ikeext.dll
20:29:20.0652 0x1684  IKEEXT - ok
20:29:20.0652 0x1684  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\Windows\System32\drivers\IndirectKmd.sys
20:29:20.0667 0x1684  IndirectKmd - ok
20:29:20.0667 0x1684  [ 35261BFB425CFB139C62A2676DADC1C3, 4D0516833BE1A1F250A41B0E34DFC302D8A6481BA059573A81949FDC59CCC3D1 ] IntcAudioBus    C:\Windows\System32\drivers\IntcAudioBus.sys
20:29:20.0690 0x1684  IntcAudioBus - ok
20:29:20.0805 0x1684  [ 82B782713732F4D901EDB8D2C5D3899F, 357053F7E2E4C85177DC53566D3E75A73A63EC6A947E7D72C487B68FAD3F01F4 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:29:20.0905 0x1684  IntcAzAudAddService - ok
20:29:20.0952 0x1684  [ E4E42ADB9B710CAA2801F5AA3705A8CC, A67EFE80F383A5117E37DE1B48045BA31E09950F9D4EAEE1E023BF1B7F5FC3C3 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:29:20.0990 0x1684  IntcDAud - ok
20:29:21.0006 0x1684  [ 284396E96FD43D712FAC13A8835133D6, 1613CCB5C24E7CBEF2BBD449C3870D0A981B34084EFA58C20C6D87787A9C3D2E ] IntcOED         C:\Windows\System32\drivers\IntcOED.sys
20:29:21.0037 0x1684  IntcOED - ok
20:29:21.0053 0x1684  [ AEA02F1F43503A5E10C92246A0B70DBD, 9717788B0D3E69071042A6D3EFB431F7466F76805F762BF22A32314FF3C21D84 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
20:29:21.0090 0x1684  Intel(R) Capability Licensing Service TCP IP Interface - ok
20:29:21.0090 0x1684  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\Windows\system32\drivers\intelide.sys
20:29:21.0090 0x1684  intelide - ok
20:29:21.0106 0x1684  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\Windows\system32\drivers\intelpep.sys
20:29:21.0106 0x1684  intelpep - ok
20:29:21.0106 0x1684  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
20:29:21.0122 0x1684  intelppm - ok
20:29:21.0137 0x1684  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\Windows\system32\drivers\iorate.sys
20:29:21.0137 0x1684  iorate - ok
20:29:21.0137 0x1684  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:29:21.0169 0x1684  IpFilterDriver - ok
20:29:21.0191 0x1684  [ 68C50E8E4265698BE6835156F4DD5008, 5B9CBBCE99315E5569E6733F13E91A687A36F536A68A2B670CC24C4BCC4EAFF4 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:29:21.0238 0x1684  iphlpsvc - ok
20:29:21.0238 0x1684  [ 10D01A3657AC8E8004C83D613163DE1E, F9389F1BF87A2D28899F50D270DA6F48B0912CFAF06CEE566697B041DBE92F9C ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
20:29:21.0238 0x1684  IPMIDRV - ok
20:29:21.0253 0x1684  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:29:21.0269 0x1684  IPNAT - ok
20:29:21.0269 0x1684  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\Windows\system32\drivers\irda.sys
20:29:21.0291 0x1684  irda - ok
20:29:21.0291 0x1684  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:29:21.0307 0x1684  IRENUM - ok
20:29:21.0307 0x1684  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\Windows\System32\irmon.dll
20:29:21.0322 0x1684  irmon - ok
20:29:21.0322 0x1684  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:29:21.0338 0x1684  isapnp - ok
20:29:21.0353 0x1684  [ CA20F4621AB8CD3F69199DE21B5B41C4, 0AFFC66DD10D4D15139337E5ED343A2ABBB26CC8A83B3BDF6AD10C68B3931A7C ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
20:29:21.0385 0x1684  iScsiPrt - ok
20:29:21.0391 0x1684  [ C395FADCE0E9FD9B0F23E622C2249701, 257E0DF7CDAA23AFBFE53E22DA44140D43DB5298086C5BB49DB155A261895998 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
20:29:21.0391 0x1684  jhi_service - ok
20:29:21.0391 0x1684  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
20:29:21.0407 0x1684  kbdclass - ok
20:29:21.0407 0x1684  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
20:29:21.0423 0x1684  kbdhid - ok
20:29:21.0438 0x1684  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\Windows\System32\drivers\kdnic.sys
20:29:21.0454 0x1684  kdnic - ok
20:29:21.0454 0x1684  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\Windows\system32\lsass.exe
20:29:21.0469 0x1684  KeyIso - ok
20:29:21.0469 0x1684  [ 8C106C612FFE44A60F66870E0EADD69E, 0F12E75AE50697D95C7C34391C3C9586AAE2ED8E392AA726A1960776AE18CD5F ] Killer Service V2 C:\Program Files\Killer Networking\Network Manager\KillerService.exe
20:29:21.0491 0x1684  Killer Service V2 - ok
20:29:21.0507 0x1684  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:29:21.0522 0x1684  KSecDD - ok
20:29:21.0522 0x1684  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:29:21.0538 0x1684  KSecPkg - ok
20:29:21.0569 0x1684  [ E3903B56C24368124EE5AE6E4E6D6566, 317D25FECE7314C6B6235B305C8E1188F33CC96AEC24C05D9CDDDAE0EA5F2D15 ] kss             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
20:29:21.0607 0x1684  kss - ok
20:29:21.0622 0x1684  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:29:21.0622 0x1684  ksthunk - ok
20:29:21.0653 0x1684  [ C4A87E8D648720ECDA3EBD24498FA9F8, DA32563D9BA31FE34C715FDCA3943EA99FC4EB3B818E9CEFBFCEDB9306965AB4 ] ksu             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe
20:29:21.0691 0x1684  ksu - ok
20:29:21.0691 0x1684  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:29:21.0707 0x1684  KtmRm - ok
20:29:21.0722 0x1684  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:29:21.0738 0x1684  LanmanServer - ok
20:29:21.0738 0x1684  [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:29:21.0769 0x1684  LanmanWorkstation - ok
20:29:21.0786 0x1684  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\Windows\System32\lfsvc.dll
20:29:21.0791 0x1684  lfsvc - ok
20:29:21.0806 0x1684  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\Windows\system32\LicenseManagerSvc.dll
20:29:21.0822 0x1684  LicenseManager - ok
20:29:21.0822 0x1684  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\Windows\system32\drivers\lltdio.sys
20:29:21.0838 0x1684  lltdio - ok
20:29:21.0853 0x1684  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:29:21.0891 0x1684  lltdsvc - ok
20:29:21.0891 0x1684  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:29:21.0907 0x1684  lmhosts - ok
20:29:21.0922 0x1684  [ B743127DDCE8CF670C187BE2CF8A38E5, C64244B32BA7825E41C141BFCB0593CB6D2A1B65A9C9ED85C7FB8668093FF949 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:29:21.0954 0x1684  LMS - ok
20:29:21.0954 0x1684  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:29:21.0985 0x1684  LSI_SAS - ok
20:29:21.0990 0x1684  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\Windows\system32\drivers\lsi_sas2i.sys
20:29:21.0992 0x1684  LSI_SAS2i - ok
20:29:21.0992 0x1684  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\Windows\system32\drivers\lsi_sas3i.sys
20:29:22.0007 0x1684  LSI_SAS3i - ok
20:29:22.0007 0x1684  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
20:29:22.0023 0x1684  LSI_SSS - ok
20:29:22.0054 0x1684  [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM             C:\Windows\System32\lsm.dll
20:29:22.0092 0x1684  LSM - ok
20:29:22.0092 0x1684  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:29:22.0123 0x1684  luafv - ok
20:29:22.0123 0x1684  [ 9F699136FA1A8A170C2C05D7790A5FC0, 4363C527BD2FC9FD8937E9866CA200809AC87B64EA57084491BAB6DEB8ED9E87 ] MapsBroker      C:\Windows\System32\moshost.dll
20:29:22.0139 0x1684  MapsBroker - ok
20:29:22.0139 0x1684  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\Windows\system32\drivers\megasas.sys
20:29:22.0154 0x1684  megasas - ok
20:29:22.0154 0x1684  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\Windows\system32\drivers\MegaSas2i.sys
20:29:22.0170 0x1684  megasas2i - ok
20:29:22.0192 0x1684  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\Windows\system32\drivers\megasr.sys
20:29:22.0223 0x1684  megasr - ok
20:29:22.0239 0x1684  [ 06D4AEA95783EC15B2D6098AD47F5590, 368C19CD520CABA1F26FB2FBBA81BB1A301BC8E2980FDD866E68097677FF33D8 ] MEIx64          C:\Windows\System32\drivers\TeeDriverW8x64.sys
20:29:22.0255 0x1684  MEIx64 - ok
20:29:22.0270 0x1684  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\Windows\System32\MessagingService.dll
20:29:22.0270 0x1684  MessagingService - ok
20:29:22.0308 0x1684  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\Windows\System32\drivers\mlx4_bus.sys
20:29:22.0339 0x1684  mlx4_bus - ok
20:29:22.0339 0x1684  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\Windows\system32\drivers\mmcss.sys
20:29:22.0355 0x1684  MMCSS - ok
20:29:22.0355 0x1684  [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem           C:\Windows\system32\drivers\modem.sys
20:29:22.0370 0x1684  Modem - ok
20:29:22.0370 0x1684  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\Windows\System32\drivers\monitor.sys
20:29:22.0392 0x1684  monitor - ok
20:29:22.0408 0x1684  [ E784E36914C96846F8C4FAD720C7F7FD, 8BE32B5102B173F16FAA96A0A807998F62FF3F7ED789BE54E78557863FC5777C ] mosuport        C:\Windows\System32\drivers\mosuport.sys
20:29:22.0439 0x1684  mosuport - ok
20:29:22.0455 0x1684  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
20:29:22.0455 0x1684  mouclass - ok
20:29:22.0470 0x1684  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\Windows\System32\drivers\mouhid.sys
20:29:22.0470 0x1684  mouhid - ok
20:29:22.0490 0x1684  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:29:22.0492 0x1684  mountmgr - ok
20:29:22.0492 0x1684  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:29:22.0508 0x1684  mpsdrv - ok
20:29:22.0539 0x1684  [ A231E1861F7AA9CCC24B97176BBA838D, CDAB9A25CC55B71E8A83E50504B12E948D7A88F035918E4F94E3624E4AA0A28D ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:29:22.0589 0x1684  MpsSvc - ok
20:29:22.0592 0x1684  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:29:22.0592 0x1684  MRxDAV - ok
20:29:22.0608 0x1684  [ D559FF28B1AD9B1E15A4186E785E61F6, 4B22A740E86CA10B1B43E36CBE9A50B53D1E5504C25694C8FF3A514DF699E99C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:29:22.0624 0x1684  mrxsmb - ok
20:29:22.0639 0x1684  [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:29:22.0655 0x1684  mrxsmb10 - ok
20:29:22.0655 0x1684  [ 0698B15E21EA1B8742F2E7BB3142B754, 0DB79841E863F08452F895DA47CEEF6CA4D527A616EB616FDFF5F7431487E5F7 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:29:22.0671 0x1684  mrxsmb20 - ok
20:29:22.0671 0x1684  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\Windows\system32\drivers\bridge.sys
20:29:22.0693 0x1684  MsBridge - ok
20:29:22.0693 0x1684  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\Windows\System32\msdtc.exe
20:29:22.0708 0x1684  MSDTC - ok
20:29:22.0708 0x1684  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:29:22.0724 0x1684  Msfs - ok
20:29:22.0724 0x1684  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
20:29:22.0740 0x1684  msgpiowin32 - ok
20:29:22.0740 0x1684  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:29:22.0755 0x1684  mshidkmdf - ok
20:29:22.0755 0x1684  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
20:29:22.0771 0x1684  mshidumdf - ok
20:29:22.0788 0x1684  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:29:22.0793 0x1684  msisadrv - ok
20:29:22.0809 0x1684  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:29:22.0824 0x1684  MSiSCSI - ok
20:29:22.0824 0x1684  msiserver - ok
20:29:22.0840 0x1684  [ 4586CDA25B7866DD9505CEECF9DB3C74, B94CE1A7C1B6FFEF7AA33AEC30C27E01E44E6E56A4274705684BFBB738F95BCF ] MSKSSRV         C:\Windows\system32\DRIVERS\MSKSSRV.sys
20:29:22.0840 0x1684  MSKSSRV - ok
20:29:22.0856 0x1684  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\Windows\system32\drivers\mslldp.sys
20:29:22.0860 0x1684  MsLldp - ok
20:29:22.0860 0x1684  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\Windows\system32\DRIVERS\MSPCLOCK.sys
20:29:22.0876 0x1684  MSPCLOCK - ok
20:29:22.0893 0x1684  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\Windows\system32\DRIVERS\MSPQM.sys
20:29:22.0909 0x1684  MSPQM - ok
20:29:22.0909 0x1684  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:29:22.0924 0x1684  MsRPC - ok
20:29:22.0940 0x1684  [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt        C:\Windows\system32\drivers\mssecflt.sys
20:29:22.0956 0x1684  MsSecFlt - ok
20:29:22.0956 0x1684  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
20:29:22.0956 0x1684  mssmbios - ok
20:29:22.0956 0x1684  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\Windows\system32\DRIVERS\MSTEE.sys
20:29:22.0971 0x1684  MSTEE - ok
20:29:22.0971 0x1684  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
20:29:22.0993 0x1684  MTConfig - ok
20:29:23.0009 0x1684  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:29:23.0025 0x1684  Mup - ok
20:29:23.0025 0x1684  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
20:29:23.0040 0x1684  mvumis - ok
20:29:23.0056 0x1684  [ A5FA29F748BBF38FC3FAE4B54FA20A93, 8912F08967CFDD2A74593C9D23F43D6487D1920969C380B39BA8EA4672B24C3B ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:29:23.0093 0x1684  NativeWifiP - ok
20:29:23.0093 0x1684  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\Windows\System32\ncasvc.dll
20:29:23.0125 0x1684  NcaSvc - ok
20:29:23.0140 0x1684  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\Windows\System32\ncbservice.dll
20:29:23.0156 0x1684  NcbService - ok
20:29:23.0171 0x1684  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
20:29:23.0193 0x1684  NcdAutoSetup - ok
20:29:23.0193 0x1684  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\Windows\System32\drivers\ndfltr.sys
20:29:23.0209 0x1684  ndfltr - ok
20:29:23.0240 0x1684  [ 63560E6BC9BCA978A6B72DF65F7A8930, 278AAB22ED6001E7E336EFC027073EDA727A3D333FF2576D087C92F8E6D768B2 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:29:23.0288 0x1684  NDIS - ok
20:29:23.0293 0x1684  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\Windows\system32\drivers\ndiscap.sys
20:29:23.0293 0x1684  NdisCap - ok
20:29:23.0309 0x1684  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\Windows\system32\drivers\NdisImPlatform.sys
20:29:23.0309 0x1684  NdisImPlatform - ok
20:29:23.0325 0x1684  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:29:23.0340 0x1684  NdisTapi - ok
20:29:23.0340 0x1684  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\Windows\system32\drivers\ndisuio.sys
20:29:23.0340 0x1684  Ndisuio - ok
20:29:23.0356 0x1684  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
20:29:23.0356 0x1684  NdisVirtualBus - ok
20:29:23.0356 0x1684  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\Windows\System32\drivers\ndiswan.sys
20:29:23.0371 0x1684  NdisWan - ok
20:29:23.0392 0x1684  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
20:29:23.0394 0x1684  ndiswanlegacy - ok
20:29:23.0409 0x1684  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\Windows\system32\DRIVERS\NDProxy.sys
20:29:23.0409 0x1684  ndproxy - ok
20:29:23.0425 0x1684  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
20:29:23.0441 0x1684  Ndu - ok
20:29:23.0441 0x1684  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\Windows\system32\drivers\NetAdapterCx.sys
20:29:23.0456 0x1684  NetAdapterCx - ok
20:29:23.0456 0x1684  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\Windows\system32\drivers\netbios.sys
20:29:23.0456 0x1684  NetBIOS - ok
20:29:23.0472 0x1684  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:29:23.0489 0x1684  NetBT - ok
20:29:23.0493 0x1684  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\Windows\system32\lsass.exe
20:29:23.0494 0x1684  Netlogon - ok
20:29:23.0494 0x1684  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\Windows\System32\netman.dll
20:29:23.0510 0x1684  Netman - ok
20:29:23.0525 0x1684  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\Windows\System32\netprofmsvc.dll
20:29:23.0541 0x1684  netprofm - ok
20:29:23.0556 0x1684  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc     C:\Windows\System32\NetSetupSvc.dll
20:29:23.0572 0x1684  NetSetupSvc - ok
20:29:23.0594 0x1684  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:29:23.0609 0x1684  NetTcpPortSharing - ok
20:29:23.0625 0x1684  [ E79E364AF827EB1F141BE000ABB8727D, 96218EB8B7C9E0F614AB9EAEAEC41BD4DB0E9EFE5C1D87EC749B9CB71653CEB1 ] NgcCtnrSvc      C:\Windows\System32\NgcCtnrSvc.dll
20:29:23.0641 0x1684  NgcCtnrSvc - ok
20:29:23.0656 0x1684  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\Windows\system32\ngcsvc.dll
20:29:23.0694 0x1684  NgcSvc - ok
20:29:23.0694 0x1684  [ 5EE83D92C651F7652FFEBE4F82988CAB, 1F576EEB1959F665C6F98FC95210E06271AB206E18867E78C527BB728DD49A02 ] nhi             C:\Windows\system32\DRIVERS\tbt81x.sys
20:29:23.0710 0x1684  nhi - ok
20:29:23.0725 0x1684  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:29:23.0741 0x1684  NlaSvc - ok
20:29:23.0741 0x1684  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:29:23.0757 0x1684  Npfs - ok
20:29:23.0772 0x1684  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
20:29:23.0791 0x1684  npsvctrig - ok
20:29:23.0794 0x1684  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\Windows\system32\nsisvc.dll
20:29:23.0810 0x1684  nsi - ok
20:29:23.0825 0x1684  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:29:23.0841 0x1684  nsiproxy - ok
20:29:23.0909 0x1684  [ 98BBD81DC481E9D58EEB31C81EBDEFF5, 28FAAFCB90721C557C37D18533681C274428BC97AB3C3AAFCC75212074E9F2CA ] NTFS            C:\Windows\system32\drivers\NTFS.sys
20:29:23.0956 0x1684  NTFS - ok
20:29:23.0994 0x1684  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\Windows\system32\drivers\Null.sys
20:29:23.0994 0x1684  Null - ok
20:29:24.0010 0x1684  [ FFA2DDE4F6470D4C34789E40C8595657, 21ACFBE42E24194594071CDD6D90CD6E120518F26CF3BD98904B53FDB636EF3C ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
20:29:24.0025 0x1684  NvContainerLocalSystem - ok
20:29:24.0041 0x1684  [ FFA2DDE4F6470D4C34789E40C8595657, 21ACFBE42E24194594071CDD6D90CD6E120518F26CF3BD98904B53FDB636EF3C ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
20:29:24.0056 0x1684  NvContainerNetworkService - ok
20:29:24.0342 0x1684  [ 90050A0469120BD8E0931267FFE31CFD, 0424DF3733EBF21B2500F7B94C40E0A8AD60005191E4FB0C2F6FFD8FC7844EEF ] nvlddmkm        C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_323791d5eb27505c\nvlddmkm.sys
20:29:24.0610 0x1684  nvlddmkm - ok
20:29:24.0626 0x1684  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:29:24.0626 0x1684  nvraid - ok
20:29:24.0626 0x1684  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:29:24.0642 0x1684  nvstor - ok
20:29:24.0642 0x1684  [ 9AB3709BBCE72ACAD975EC60405C80CF, FC11B8E24699CB7BAE53CC380786AA8A547034B55BB95916906F37C87AB3EFBC ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
20:29:24.0642 0x1684  NvStreamKms - ok
20:29:24.0657 0x1684  [ 64FFFE33EA909D062193DA385964F087, C7BD63B089B5B5E37153D013562A6C0755EC9572B84B0BAEB20961211B2A8B9F ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
20:29:24.0673 0x1684  NvTelemetryContainer - ok
20:29:24.0673 0x1684  [ FDE334D94ED6FB3D975027AEE865F656, 636FF87CAA326C05F086F53AB9A5ADBBC0E9B3CDEEE2745D732D494EF5313B60 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
20:29:24.0693 0x1684  nvvad_WaveExtensible - ok
20:29:24.0695 0x1684  [ 842E1AB0A53CEDE011F71C4E4DCC9871, 1939332A1EF4C30DD1199CB25366A4E51B83CF310292E1E3157122C9707C29FB ] nvvhci          C:\Windows\System32\drivers\nvvhci.sys
20:29:24.0710 0x1684  nvvhci - ok
20:29:24.0726 0x1684  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\Windows\System32\APHostService.dll
20:29:24.0757 0x1684  OneSyncSvc - ok
20:29:24.0757 0x1684  [ 8A28F51EFB3C9C70B54E51B917253714, E95B0ABE4DD4DB45CC4961AFCC8590DE9E911656C7457877F5A1CC3840F9801D ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:29:24.0791 0x1684  ose64 - ok
20:29:24.0794 0x1684  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:29:24.0810 0x1684  p2pimsvc - ok
20:29:24.0810 0x1684  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\Windows\system32\p2psvc.dll
20:29:24.0841 0x1684  p2psvc - ok
20:29:24.0841 0x1684  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\Windows\System32\drivers\parport.sys
20:29:24.0857 0x1684  Parport - ok
20:29:24.0857 0x1684  [ 0553ECB742278C8F4CFA28B43FF20EAD, ACD7F5BC36573BCEC2C3413DEA687034ECC101EDD3C1544B264BBA29EFCE3425 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:29:24.0873 0x1684  partmgr - ok
20:29:24.0889 0x1684  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:29:24.0895 0x1684  PcaSvc - ok
20:29:24.0910 0x1684  [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci             C:\Windows\system32\drivers\pci.sys
20:29:24.0926 0x1684  pci - ok
20:29:24.0926 0x1684  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\Windows\system32\drivers\pciide.sys
20:29:24.0926 0x1684  pciide - ok
20:29:24.0942 0x1684  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:29:24.0957 0x1684  pcmcia - ok
20:29:24.0973 0x1684  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:29:24.0990 0x1684  pcw - ok
20:29:24.0995 0x1684  [ CA979960D3A580C78EDB4BBD6BD3ABCC, 2A136BC562235D26F6421027B158D406FB1D08FE7D70A50DD3E4D344B0E27205 ] pdc             C:\Windows\system32\drivers\pdc.sys
20:29:25.0011 0x1684  pdc - ok
20:29:25.0042 0x1684  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:29:25.0095 0x1684  PEAUTH - ok
20:29:25.0127 0x1684  [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
20:29:25.0195 0x1684  PeerDistSvc - ok
20:29:25.0211 0x1684  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\Windows\system32\drivers\percsas2i.sys
20:29:25.0211 0x1684  percsas2i - ok
20:29:25.0211 0x1684  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\Windows\system32\drivers\percsas3i.sys
20:29:25.0227 0x1684  percsas3i - ok
20:29:25.0258 0x1684  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:29:25.0274 0x1684  PerfHost - ok
20:29:25.0311 0x1684  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\Windows\System32\PhoneService.dll
20:29:25.0358 0x1684  PhoneSvc - ok
20:29:25.0358 0x1684  [ C7A94D99CDF054248EFBD9B93D096DA6, F59F0EB5B17DC078E47D044B1126A786D67DC149AC9614CDA6AA1226EEE3EF55 ] PimIndexMaintenanceSvc C:\Windows\System32\PimIndexMaintenance.dll
20:29:25.0374 0x1684  PimIndexMaintenanceSvc - ok
20:29:25.0412 0x1684  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\Windows\system32\pla.dll
20:29:25.0459 0x1684  pla - ok
20:29:25.0474 0x1684  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:29:25.0493 0x1684  PlugPlay - ok
20:29:25.0496 0x1684  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:29:25.0512 0x1684  PNRPAutoReg - ok
20:29:25.0528 0x1684  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:29:25.0559 0x1684  PNRPsvc - ok
20:29:25.0574 0x1684  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:29:25.0612 0x1684  PolicyAgent - ok
20:29:25.0612 0x1684  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\Windows\system32\umpo.dll
20:29:25.0644 0x1684  Power - ok
20:29:25.0644 0x1684  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\Windows\System32\drivers\raspptp.sys
20:29:25.0675 0x1684  PptpMiniport - ok
20:29:25.0759 0x1684  [ 12ECCDB0C865A8CB805BABAD5A54EF41, B6E709C692EDDC2308A6944DE1ABA13155FC52905DC572C0008BCC97B3889771 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
20:29:25.0844 0x1684  PrintNotify - ok
20:29:25.0876 0x1684  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\Windows\System32\drivers\processr.sys
20:29:25.0898 0x1684  Processor - ok
20:29:25.0913 0x1684  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:29:25.0944 0x1684  ProfSvc - ok
20:29:25.0960 0x1684  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\Windows\system32\drivers\pacer.sys
20:29:25.0976 0x1684  Psched - ok
20:29:26.0014 0x1684  [ 75FFEA6D90AE32FCFB618A8CE39BA151, ABB0CABF6F6A9B7EF0D39BCEEFBAAAB1DB79EDFECE3099803D96CAFAD4276A61 ] Qcamain10x64    C:\Windows\system32\DRIVERS\Qcamain10x64.sys
20:29:26.0060 0x1684  Qcamain10x64 - ok
20:29:26.0076 0x1684  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\Windows\system32\qwave.dll
20:29:26.0094 0x1684  QWAVE - ok
20:29:26.0098 0x1684  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:29:26.0098 0x1684  QWAVEdrv - ok
20:29:26.0098 0x1684  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:29:26.0114 0x1684  RasAcd - ok
20:29:26.0114 0x1684  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\Windows\System32\drivers\AgileVpn.sys
20:29:26.0145 0x1684  RasAgileVpn - ok
20:29:26.0145 0x1684  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\Windows\System32\rasauto.dll
20:29:26.0176 0x1684  RasAuto - ok
20:29:26.0176 0x1684  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\Windows\System32\drivers\rasl2tp.sys
20:29:26.0198 0x1684  Rasl2tp - ok
20:29:26.0214 0x1684  [ 989DBF4805124A31610947E502501696, BCB73879AEC0588D0BFAB915D1F6EB637333A24D2030ED6572B3A3C03865AE93 ] RasMan          C:\Windows\System32\rasmans.dll
20:29:26.0245 0x1684  RasMan - ok
20:29:26.0245 0x1684  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:29:26.0261 0x1684  RasPppoe - ok
20:29:26.0276 0x1684  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\Windows\System32\drivers\rassstp.sys
20:29:26.0298 0x1684  RasSstp - ok
20:29:26.0314 0x1684  [ 6132B142C5A1FA4C05F06FE43DE5E55E, CCF64C9A778501635B8B5E20BB617D39D0298329FD6911DC125FC8B31FEFEDE1 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:29:26.0345 0x1684  rdbss - ok
20:29:26.0360 0x1684  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
20:29:26.0360 0x1684  rdpbus - ok
20:29:26.0376 0x1684  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
20:29:26.0392 0x1684  RDPDR - ok
20:29:26.0398 0x1684  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:29:26.0398 0x1684  RdpVideoMiniport - ok
20:29:26.0414 0x1684  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:29:26.0414 0x1684  rdyboost - ok
20:29:26.0445 0x1684  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\Windows\system32\drivers\ReFSv1.sys

Robin78 · 17.04.2017, 19:37

TDSSKiller Teil 2

Code:

ATTFilter

20:29:26.0476 0x1684  ReFSv1 - ok
20:29:26.0498 0x1684  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:29:26.0530 0x1684  RemoteAccess - ok
20:29:26.0545 0x1684  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:29:26.0561 0x1684  RemoteRegistry - ok
20:29:26.0577 0x1684  [ 62EC862859B3C6F2B7815466DF24207A, 90A108CB4E58102498F8554D2789C1F3AE505350F640F083373DD07736076554 ] RetailDemo      C:\Windows\system32\RDXService.dll
20:29:26.0614 0x1684  RetailDemo - ok
20:29:26.0614 0x1684  [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
20:29:26.0630 0x1684  RFCOMM - ok
20:29:26.0630 0x1684  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\Windows\System32\RMapi.dll
20:29:26.0646 0x1684  RmSvc - ok
20:29:26.0661 0x1684  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:29:26.0661 0x1684  RpcEptMapper - ok
20:29:26.0677 0x1684  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\Windows\system32\locator.exe
20:29:26.0677 0x1684  RpcLocator - ok
20:29:26.0699 0x1684  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\Windows\system32\rpcss.dll
20:29:26.0730 0x1684  RpcSs - ok
20:29:26.0746 0x1684  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\Windows\system32\drivers\rspndr.sys
20:29:26.0746 0x1684  rspndr - ok
20:29:26.0762 0x1684  [ E647D9ABBE8F3DA92B58B4AF9C3797E9, 7887D91B8F34AB349CCC3D47194BE19FC6BC1A0CE46FFE18ECCB084C57CF2048 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
20:29:26.0762 0x1684  RtkAudioService - ok
20:29:26.0777 0x1684  [ 82F0F611B9DD74E7B17808FC03BCB893, C68F264719792E7588E0C4881B940B5F12E759986477061051C2C13999BA2D8B ] RtkUsbAD        C:\Windows\system32\drivers\RtUsbA64.sys
20:29:26.0777 0x1684  RtkUsbAD - ok
20:29:26.0799 0x1684  [ 96CB7822C76EC1F24909D58350DA7DA7, 9F98CA000E24C40EBB2CE89D9547D05AF9D871E231BA30D6FD613D19F97A7355 ] RTSPER          C:\Windows\system32\DRIVERS\RtsPer.sys
20:29:26.0799 0x1684  RTSPER - ok
20:29:26.0815 0x1684  [ D9AD35C43A5D20A5160F508E96EE2752, 0071744DFC448DFE356DCDB0201B23BD774F078CDA5585D7E49E66661C702BEE ] rtux64w10       C:\Windows\System32\drivers\rtux64w10.sys
20:29:26.0831 0x1684  rtux64w10 - ok
20:29:26.0831 0x1684  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
20:29:26.0846 0x1684  s3cap - ok
20:29:26.0846 0x1684  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\Windows\system32\lsass.exe
20:29:26.0862 0x1684  SamSs - ok
20:29:26.0878 0x1684  [ CCFCF96CB350DA48AFDCB221CA999ADA, 7E5490652E367D1EA0400ED95788AFB4E067373E5F8BF73165B7F7FDE20D1B27 ] SamsungUPDUtilSvc C:\Windows\SysWOW64\SecUPDUtilSvc.exe
20:29:26.0895 0x1684  SamsungUPDUtilSvc - ok
20:29:26.0900 0x1684  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:29:26.0900 0x1684  sbp2port - ok
20:29:26.0915 0x1684  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:29:26.0931 0x1684  SCardSvr - ok
20:29:26.0931 0x1684  [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
20:29:26.0947 0x1684  ScDeviceEnum - ok
20:29:26.0947 0x1684  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:29:26.0962 0x1684  scfilter - ok
20:29:26.0978 0x1684  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\Windows\system32\schedsvc.dll
20:29:27.0031 0x1684  Schedule - ok
20:29:27.0031 0x1684  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\Windows\system32\drivers\scmbus.sys
20:29:27.0046 0x1684  scmbus - ok
20:29:27.0046 0x1684  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\Windows\System32\drivers\scmdisk0101.sys
20:29:27.0062 0x1684  scmdisk0101 - ok
20:29:27.0078 0x1684  [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:29:27.0094 0x1684  SCPolicySvc - ok
20:29:27.0100 0x1684  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\Windows\System32\drivers\sdbus.sys
20:29:27.0116 0x1684  sdbus - ok
20:29:27.0116 0x1684  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:29:27.0147 0x1684  SDRSVC - ok
20:29:27.0147 0x1684  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
20:29:27.0162 0x1684  sdstor - ok
20:29:27.0178 0x1684  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\Windows\system32\seclogon.dll
20:29:27.0198 0x1684  seclogon - ok
20:29:27.0200 0x1684  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\Windows\System32\sens.dll
20:29:27.0216 0x1684  SENS - ok
20:29:27.0216 0x1684  Sense - ok
20:29:27.0263 0x1684  [ CF2AEB951CFC56D4F6CF2D66218B673C, CEA0B0E0251EA198893830080EE4CB8A9F18ADBF1F6FEFFC9C7E8AB4588D0639 ] SensorDataService C:\Windows\System32\SensorDataService.exe
20:29:27.0316 0x1684  SensorDataService - ok
20:29:27.0332 0x1684  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\Windows\system32\SensorService.dll
20:29:27.0347 0x1684  SensorService - ok
20:29:27.0363 0x1684  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:29:27.0379 0x1684  SensrSvc - ok
20:29:27.0379 0x1684  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
20:29:27.0400 0x1684  SerCx - ok
20:29:27.0400 0x1684  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
20:29:27.0416 0x1684  SerCx2 - ok
20:29:27.0416 0x1684  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\Windows\System32\drivers\serenum.sys
20:29:27.0416 0x1684  Serenum - ok
20:29:27.0432 0x1684  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\Windows\System32\drivers\serial.sys
20:29:27.0432 0x1684  Serial - ok
20:29:27.0432 0x1684  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\Windows\System32\drivers\sermouse.sys
20:29:27.0448 0x1684  sermouse - ok
20:29:27.0463 0x1684  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\Windows\system32\sessenv.dll
20:29:27.0479 0x1684  SessionEnv - ok
20:29:27.0479 0x1684  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
20:29:27.0479 0x1684  sfloppy - ok
20:29:27.0501 0x1684  [ E38BE81F0F6D9C74E420A82BC6A02AFE, 25D7594FD1BE0B303F9777ACBA702ACD0C27B00D21F82659989C40636851A330 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:29:27.0517 0x1684  SharedAccess - ok
20:29:27.0532 0x1684  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:29:27.0579 0x1684  ShellHWDetection - ok
20:29:27.0579 0x1684  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\Windows\system32\Windows.SharedPC.AccountManager.dll
20:29:27.0601 0x1684  shpamsvc - ok
20:29:27.0601 0x1684  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
20:29:27.0616 0x1684  SiSRaid2 - ok
20:29:27.0616 0x1684  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:29:27.0632 0x1684  SiSRaid4 - ok
20:29:27.0648 0x1684  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\Windows\System32\smphost.dll
20:29:27.0663 0x1684  smphost - ok
20:29:27.0679 0x1684  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\Windows\system32\SmsRouterSvc.dll
20:29:27.0717 0x1684  SmsRouter - ok
20:29:27.0732 0x1684  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:29:27.0732 0x1684  SNMPTRAP - ok
20:29:27.0748 0x1684  [ 8BDB9E47D84144110F05AB757E630374, 8A49004895B8AD17C877AA8E7B6A0F14936BDDCBB88F0E5FB880DD0D816AEAB4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
20:29:27.0779 0x1684  spaceport - ok
20:29:27.0779 0x1684  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
20:29:27.0779 0x1684  SpbCx - ok
20:29:27.0801 0x1684  [ 1DFE222F8D6A422B7ADC909E0C8840DA, 96761691CF4447710D65573044A1005F2F0F89443DF581A30B97D7944940BB70 ] Spooler         C:\Windows\System32\spoolsv.exe
20:29:27.0833 0x1684  Spooler - ok
20:29:27.0948 0x1684  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\Windows\system32\sppsvc.exe
20:29:28.0048 0x1684  sppsvc - ok
20:29:28.0079 0x1684  [ FD3C05C412BE1C9FA477AD9CF9B2AADB, 19BEF5B3A0DAF8227200C2294547A497021F0B2558211345BFFFD13678522592 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:29:28.0102 0x1684  srv - ok
20:29:28.0117 0x1684  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:29:28.0164 0x1684  srv2 - ok
20:29:28.0164 0x1684  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:29:28.0180 0x1684  srvnet - ok
20:29:28.0197 0x1684  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:29:28.0201 0x1684  SSDPSRV - ok
20:29:28.0217 0x1684  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:29:28.0233 0x1684  SstpSvc - ok
20:29:28.0302 0x1684  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\Windows\system32\windows.staterepository.dll
20:29:28.0417 0x1684  StateRepository - ok
20:29:28.0449 0x1684  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
20:29:28.0464 0x1684  stexstor - ok
20:29:28.0480 0x1684  [ B11724BFE7DA1BA55903B4D849415F1A, ED09B6AD68C87FED34FC66CB6C7A74DFC3AF524E3BE89EDD18A5B6685F656ACA ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
20:29:28.0496 0x1684  StillCam - ok
20:29:28.0517 0x1684  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\Windows\System32\wiaservc.dll
20:29:28.0564 0x1684  stisvc - ok
20:29:28.0564 0x1684  [ 6BC6023E866489D22CE30E18846B80D9, FD0D13332F3E267524A9FA7FEC128298D4905722807C172AE8E3DFE445C28DB1 ] storahci        C:\Windows\system32\drivers\storahci.sys
20:29:28.0580 0x1684  storahci - ok
20:29:28.0598 0x1684  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
20:29:28.0602 0x1684  storflt - ok
20:29:28.0602 0x1684  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\Windows\system32\drivers\stornvme.sys
20:29:28.0618 0x1684  stornvme - ok
20:29:28.0618 0x1684  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\Windows\system32\drivers\storqosflt.sys
20:29:28.0649 0x1684  storqosflt - ok
20:29:28.0664 0x1684  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc         C:\Windows\system32\storsvc.dll
20:29:28.0702 0x1684  StorSvc - ok
20:29:28.0702 0x1684  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\Windows\system32\drivers\storufs.sys
20:29:28.0717 0x1684  storufs - ok
20:29:28.0717 0x1684  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
20:29:28.0733 0x1684  storvsc - ok
20:29:28.0749 0x1684  [ B005FD0AC313D418F74BE61EB6B2AC6F, 31C366FED68BD6D9F433317A747932A72B59F9C406C6562F8BC9F2EBD43AB7DA ] SupportAssistAgent C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
20:29:28.0749 0x1684  SupportAssistAgent - ok
20:29:28.0764 0x1684  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\Windows\system32\svsvc.dll
20:29:28.0780 0x1684  svsvc - ok
20:29:28.0780 0x1684  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\Windows\System32\drivers\swenum.sys
20:29:28.0802 0x1684  swenum - ok
20:29:28.0802 0x1684  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\Windows\System32\swprv.dll
20:29:28.0833 0x1684  swprv - ok
20:29:28.0849 0x1684  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\Windows\System32\drivers\Synth3dVsc.sys
20:29:28.0864 0x1684  Synth3dVsc - ok
20:29:28.0902 0x1684  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\Windows\system32\sysmain.dll
20:29:28.0949 0x1684  SysMain - ok
20:29:28.0949 0x1684  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
20:29:28.0980 0x1684  SystemEventsBroker - ok
20:29:28.0980 0x1684  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:29:29.0002 0x1684  TabletInputService - ok
20:29:29.0002 0x1684  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:29:29.0018 0x1684  TapiSrv - ok
20:29:29.0080 0x1684  [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:29:29.0133 0x1684  Tcpip - ok
20:29:29.0201 0x1684  [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip6          C:\Windows\system32\drivers\tcpip.sys
20:29:29.0264 0x1684  Tcpip6 - ok
20:29:29.0300 0x1684  [ EC9450227A4C661513661F1F9C1F7DD6, 4DB122DECEA7C76BD20A6682958609A40CA2C9EDD236DFA19E9B31C57114DA3A ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:29:29.0318 0x1684  tcpipreg - ok
20:29:29.0318 0x1684  [ 0B237F8A96952BF95A14865030E131F2, 263089672218D3A768A6FC9D28DBEFE113D6757A9ECBAB4D364A62AC5DDA8AAE ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:29:29.0333 0x1684  tdx - ok
20:29:29.0349 0x1684  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
20:29:29.0364 0x1684  terminpt - ok
20:29:29.0398 0x1684  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\Windows\System32\termsrv.dll
20:29:29.0433 0x1684  TermService - ok
20:29:29.0433 0x1684  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\Windows\system32\themeservice.dll
20:29:29.0449 0x1684  Themes - ok
20:29:29.0480 0x1684  [ C9CC45ECC22E17FAE506B417292933B8, 5EAF39C06F3E2119BACC2D241368C9A7503DF74A6788C7B7DEBC8286EB428088 ] ThunderboltService c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe
20:29:29.0518 0x1684  ThunderboltService - ok
20:29:29.0518 0x1684  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\Windows\system32\TieringEngineService.exe
20:29:29.0533 0x1684  TieringEngineService - ok
20:29:29.0549 0x1684  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\Windows\system32\tileobjserver.dll
20:29:29.0580 0x1684  tiledatamodelsvc - ok
20:29:29.0601 0x1684  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\Windows\System32\TimeBrokerServer.dll
20:29:29.0602 0x1684  TimeBrokerSvc - ok
20:29:29.0618 0x1684  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM             C:\Windows\System32\drivers\tpm.sys
20:29:29.0634 0x1684  TPM - ok
20:29:29.0649 0x1684  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\Windows\System32\trkwks.dll
20:29:29.0665 0x1684  TrkWks - ok
20:29:29.0665 0x1684  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:29:29.0681 0x1684  TrustedInstaller - ok
20:29:29.0681 0x1684  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\Windows\system32\drivers\TsUsbFlt.sys
20:29:29.0702 0x1684  tsusbflt - ok
20:29:29.0702 0x1684  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
20:29:29.0718 0x1684  TsUsbGD - ok
20:29:29.0718 0x1684  [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
20:29:29.0733 0x1684  tsusbhub - ok
20:29:29.0733 0x1684  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\Windows\System32\drivers\tunnel.sys
20:29:29.0749 0x1684  tunnel - ok
20:29:29.0765 0x1684  [ 13781908186770ABE9F8EBCC2B45B138, 4BEC8466254E0C6492CC55CE344A6173878CFA040238C6BE5842E5209F066DEE ] tzautoupdate    C:\Windows\system32\tzautoupdate.dll
20:29:29.0765 0x1684  tzautoupdate - ok
20:29:29.0780 0x1684  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
20:29:29.0780 0x1684  UASPStor - ok
20:29:29.0800 0x1684  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\Windows\system32\Drivers\UcmCx.sys
20:29:29.0802 0x1684  UcmCx0101 - ok
20:29:29.0818 0x1684  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\Windows\system32\Drivers\UcmTcpciCx.sys
20:29:29.0818 0x1684  UcmTcpciCx0101 - ok
20:29:29.0834 0x1684  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\Windows\System32\drivers\UcmUcsi.sys
20:29:29.0834 0x1684  UcmUcsi - ok
20:29:29.0849 0x1684  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\Windows\system32\drivers\ucx01000.sys
20:29:29.0865 0x1684  Ucx01000 - ok
20:29:29.0865 0x1684  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\Windows\system32\drivers\udecx.sys
20:29:29.0881 0x1684  UdeCx - ok
20:29:29.0881 0x1684  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:29:29.0903 0x1684  udfs - ok
20:29:29.0903 0x1684  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
20:29:29.0903 0x1684  UEFI - ok
20:29:29.0918 0x1684  [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver  C:\Windows\system32\drivers\UevAgentDriver.sys
20:29:29.0918 0x1684  UevAgentDriver - ok
20:29:29.0934 0x1684  [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\Windows\system32\AgentService.exe
20:29:30.0003 0x1684  UevAgentService - ok
20:29:30.0003 0x1684  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\Windows\system32\drivers\ufx01000.sys
20:29:30.0019 0x1684  Ufx01000 - ok
20:29:30.0019 0x1684  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\Windows\System32\drivers\UfxChipidea.sys
20:29:30.0019 0x1684  UfxChipidea - ok
20:29:30.0034 0x1684  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\Windows\System32\drivers\ufxsynopsys.sys
20:29:30.0050 0x1684  ufxsynopsys - ok
20:29:30.0134 0x1684  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:29:30.0165 0x1684  UI0Detect - ok
20:29:30.0165 0x1684  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\Windows\System32\drivers\umbus.sys
20:29:30.0181 0x1684  umbus - ok
20:29:30.0181 0x1684  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\Windows\System32\drivers\umpass.sys
20:29:30.0203 0x1684  UmPass - ok
20:29:30.0219 0x1684  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\Windows\System32\umrdp.dll
20:29:30.0250 0x1684  UmRdpService - ok
20:29:30.0281 0x1684  [ 4B956444AF2A352366CF59C3A4A87C64, B5FFAF5908DCF78DDA27EA1ABF2AFDD2BDD43FFC0259D847A7107B1597E22BD6 ] UnistoreSvc     C:\Windows\System32\unistore.dll
20:29:30.0334 0x1684  UnistoreSvc - ok
20:29:30.0350 0x1684  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\Windows\System32\upnphost.dll
20:29:30.0381 0x1684  upnphost - ok
20:29:30.0381 0x1684  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\Windows\System32\drivers\urschipidea.sys
20:29:30.0403 0x1684  UrsChipidea - ok
20:29:30.0403 0x1684  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\Windows\system32\drivers\urscx01000.sys
20:29:30.0419 0x1684  UrsCx01000 - ok
20:29:30.0434 0x1684  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\Windows\System32\drivers\urssynopsys.sys
20:29:30.0450 0x1684  UrsSynopsys - ok
20:29:30.0450 0x1684  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
20:29:30.0466 0x1684  usbccgp - ok
20:29:30.0481 0x1684  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\Windows\System32\drivers\usbcir.sys
20:29:30.0500 0x1684  usbcir - ok
20:29:30.0504 0x1684  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
20:29:30.0504 0x1684  usbehci - ok
20:29:30.0519 0x1684  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
20:29:30.0550 0x1684  usbhub - ok
20:29:30.0566 0x1684  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
20:29:30.0582 0x1684  USBHUB3 - ok
20:29:30.0582 0x1684  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
20:29:30.0602 0x1684  usbohci - ok
20:29:30.0603 0x1684  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
20:29:30.0603 0x1684  usbprint - ok
20:29:30.0603 0x1684  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\Windows\System32\drivers\usbser.sys
20:29:30.0619 0x1684  usbser - ok
20:29:30.0619 0x1684  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
20:29:30.0635 0x1684  USBSTOR - ok
20:29:30.0650 0x1684  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
20:29:30.0666 0x1684  usbuhci - ok
20:29:30.0666 0x1684  [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
20:29:30.0704 0x1684  usbvideo - ok
20:29:30.0719 0x1684  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
20:29:30.0735 0x1684  USBXHCI - ok
20:29:30.0766 0x1684  [ A39AFDD26E6F2E5595FF2D3997D7E1FE, 30DE54033DE437C16A069602529E63FF971AF0ABB383885E47B4DF5E0F8483AE ] UserDataSvc     C:\Windows\System32\userdataservice.dll
20:29:30.0835 0x1684  UserDataSvc - ok
20:29:30.0866 0x1684  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\Windows\System32\usermgr.dll
20:29:30.0903 0x1684  UserManager - ok
20:29:30.0919 0x1684  [ B0116A4304D08362EE75948BA38B76EA, 1175CA5F9281BA15ED35AFE94F13AE9080595CB16CF5B4B8C843CD22703F26D1 ] UsoSvc          C:\Windows\system32\usocore.dll
20:29:30.0950 0x1684  UsoSvc - ok
20:29:30.0966 0x1684  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\Windows\system32\lsass.exe
20:29:30.0982 0x1684  VaultSvc - ok
20:29:31.0003 0x1684  [ 0D9780E8495C84911491AE1603711E39, 4D9E1157CA84E0DE1A1BFB9A75576AA49B37BD02F780CC84012A79720B183F0F ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
20:29:31.0035 0x1684  VBoxDrv - ok
20:29:31.0035 0x1684  [ 45633D58D5DB28E5F210CF51588E537D, DF88F66E360535966557249127AC17EC11746F478DC73210526E2545422C77FF ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys
20:29:31.0050 0x1684  VBoxNetAdp - ok
20:29:31.0050 0x1684  [ B802AC859F5BEF61FFB24F1513755106, 54A75B61946D7B8B4A61C15BE79D81E8D10B08D8BE4F6F02BB6A4DC0DF9A6B76 ] VBoxNetLwf      C:\Windows\system32\DRIVERS\VBoxNetLwf.sys
20:29:31.0066 0x1684  VBoxNetLwf - ok
20:29:31.0066 0x1684  [ FEB686C223F7EA10B530108C81BB110B, 79AAAE2345694617F7A35068F0614E256B179A803C14639591B1DC796CB92F47 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
20:29:31.0081 0x1684  VBoxUSBMon - ok
20:29:31.0081 0x1684  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:29:31.0104 0x1684  vdrvroot - ok
20:29:31.0119 0x1684  [ 2C5D96D0BB7EDEF9F2F8966A31007CCE, A8FB02E9E1B8ED5F2026534360C229DA7FC11BA209DE9C3222C65D0A9652FD3C ] vds             C:\Windows\System32\vds.exe
20:29:31.0166 0x1684  vds - ok
20:29:31.0166 0x1684  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
20:29:31.0182 0x1684  VerifierExt - ok
20:29:31.0204 0x1684  [ 3BB8D153A9A514EC9FFCB586251A1925, 5E4B46511F9791699826DC63B35528544347166BDE9981FB93F1F7F2A09599C7 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
20:29:31.0235 0x1684  vhdmp - ok
20:29:31.0235 0x1684  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\Windows\System32\drivers\vhf.sys
20:29:31.0251 0x1684  vhf - ok
20:29:31.0251 0x1684  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\Windows\system32\drivers\vmbus.sys
20:29:31.0266 0x1684  vmbus - ok
20:29:31.0282 0x1684  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
20:29:31.0302 0x1684  VMBusHID - ok
20:29:31.0304 0x1684  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\Windows\System32\drivers\vmgid.sys
20:29:31.0320 0x1684  vmgid - ok
20:29:31.0336 0x1684  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\Windows\System32\icsvc.dll
20:29:31.0367 0x1684  vmicguestinterface - ok
20:29:31.0367 0x1684  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\Windows\System32\icsvc.dll
20:29:31.0404 0x1684  vmicheartbeat - ok
20:29:31.0420 0x1684  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\Windows\System32\icsvc.dll
20:29:31.0435 0x1684  vmickvpexchange - ok
20:29:31.0467 0x1684  [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicrdv         C:\Windows\System32\icsvcext.dll
20:29:31.0498 0x1684  vmicrdv - ok
20:29:31.0504 0x1684  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\Windows\System32\icsvc.dll
20:29:31.0520 0x1684  vmicshutdown - ok
20:29:31.0520 0x1684  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\Windows\System32\icsvc.dll
20:29:31.0536 0x1684  vmictimesync - ok
20:29:31.0551 0x1684  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\Windows\System32\icsvc.dll
20:29:31.0567 0x1684  vmicvmsession - ok
20:29:31.0567 0x1684  [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicvss         C:\Windows\System32\icsvcext.dll
20:29:31.0583 0x1684  vmicvss - ok
20:29:31.0601 0x1684  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:29:31.0605 0x1684  volmgr - ok
20:29:31.0605 0x1684  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:29:31.0620 0x1684  volmgrx - ok
20:29:31.0636 0x1684  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:29:31.0636 0x1684  volsnap - ok
20:29:31.0652 0x1684  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\Windows\system32\drivers\volume.sys
20:29:31.0652 0x1684  volume - ok
20:29:31.0652 0x1684  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\Windows\System32\drivers\vpci.sys
20:29:31.0667 0x1684  vpci - ok
20:29:31.0667 0x1684  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:29:31.0683 0x1684  vsmraid - ok
20:29:31.0721 0x1684  [ 6DBB20053A67EFE5D8114CE93D12BEB3, B48997FADA4A600FEBFE36B249684E9CAF01570BAD36ED1FC9DA99F2D100638E ] VSS             C:\Windows\system32\vssvc.exe
20:29:31.0783 0x1684  VSS - ok
20:29:31.0783 0x1684  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
20:29:31.0805 0x1684  VSTXRAID - ok
20:29:31.0821 0x1684  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
20:29:31.0837 0x1684  vwifibus - ok
20:29:31.0837 0x1684  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\Windows\system32\drivers\vwififlt.sys
20:29:31.0852 0x1684  vwififlt - ok
20:29:31.0868 0x1684  [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp         C:\Windows\System32\drivers\vwifimp.sys
20:29:31.0884 0x1684  vwifimp - ok
20:29:31.0906 0x1684  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\Windows\system32\w32time.dll
20:29:31.0937 0x1684  W32Time - ok
20:29:31.0937 0x1684  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
20:29:31.0953 0x1684  WacomPen - ok
20:29:31.0953 0x1684  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\Windows\system32\WalletService.dll
20:29:31.0984 0x1684  WalletService - ok
20:29:31.0984 0x1684  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
20:29:32.0006 0x1684  wanarp - ok
20:29:32.0006 0x1684  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:29:32.0022 0x1684  wanarpv6 - ok
20:29:32.0037 0x1684  [ ED4B9B2B52E0BACD70BC61142490453F, BE1374066C59260DA58D65DBAEBF75ED42C27F71B7F4A8F27C86C74924B82227 ] WavesSysSvc     c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
20:29:32.0037 0x1684  WavesSysSvc - ok
20:29:32.0069 0x1684  [ 68CC5E83B6F220F5BD7B5BC394917505, 24A793E1293608D1D1DB9396627DBF5FE66C9EFD1D49CCCD832CF1762B4E0E7D ] wbengine        C:\Windows\system32\wbengine.exe
20:29:32.0137 0x1684  wbengine - ok
20:29:32.0153 0x1684  [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:29:32.0206 0x1684  WbioSrvc - ok
20:29:32.0206 0x1684  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\Windows\system32\drivers\wcifs.sys
20:29:32.0221 0x1684  wcifs - ok
20:29:32.0221 0x1684  [ CA10C91D802ABE6E5136E2168C2CD2B4, 5979FF9ED783ED3154257ED0507C7BBAF8C77C081CC30AE835EA8AF7508AAD08 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
20:29:32.0253 0x1684  Wcmsvc - ok
20:29:32.0268 0x1684  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:29:32.0284 0x1684  wcncsvc - ok
20:29:32.0300 0x1684  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\Windows\system32\drivers\wcnfs.sys
20:29:32.0306 0x1684  wcnfs - ok
20:29:32.0322 0x1684  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
20:29:32.0322 0x1684  WdBoot - ok
20:29:32.0353 0x1684  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:29:32.0400 0x1684  Wdf01000 - ok
20:29:32.0406 0x1684  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
20:29:32.0422 0x1684  WdFilter - ok
20:29:32.0422 0x1684  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:29:32.0437 0x1684  WdiServiceHost - ok
20:29:32.0453 0x1684  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:29:32.0468 0x1684  WdiSystemHost - ok
20:29:32.0506 0x1684  [ EDC08B8D3E67F96688774841C247B82A, DB5AFAF87C74431B8EB5420DBF5428691F291B63C2FDE8282EE2E399C76F63F3 ] wdiwifi         C:\Windows\system32\DRIVERS\wdiwifi.sys
20:29:32.0537 0x1684  wdiwifi - ok
20:29:32.0537 0x1684  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
20:29:32.0553 0x1684  WdNisDrv - ok
20:29:32.0553 0x1684  WdNisSvc - ok
20:29:32.0569 0x1684  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\Windows\System32\webclnt.dll
20:29:32.0584 0x1684  WebClient - ok
20:29:32.0584 0x1684  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:29:32.0606 0x1684  Wecsvc - ok
20:29:32.0606 0x1684  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
20:29:32.0622 0x1684  WEPHOSTSVC - ok
20:29:32.0622 0x1684  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:29:32.0653 0x1684  wercplsupport - ok
20:29:32.0653 0x1684  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:29:32.0684 0x1684  WerSvc - ok
20:29:32.0703 0x1684  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\Windows\system32\drivers\wfplwfs.sys
20:29:32.0706 0x1684  WFPLWFS - ok
20:29:32.0722 0x1684  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\Windows\System32\wiarpc.dll
20:29:32.0753 0x1684  WiaRpc - ok
20:29:32.0753 0x1684  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:29:32.0769 0x1684  WIMMount - ok
20:29:32.0769 0x1684  WinDefend - ok
20:29:32.0873 0x1684  [ FD9D6FBF274CC9E95433C43842172701, 7D2E2BE1920DE80B11745A86616AF40F7990579820CFFF68FD2E56748983C2FC ] Windows10FirewallService C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe
20:29:32.0938 0x1684  Windows10FirewallService - ok
20:29:32.0969 0x1684  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys
20:29:32.0969 0x1684  WindowsTrustedRT - ok
20:29:32.0985 0x1684  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys
20:29:32.0985 0x1684  WindowsTrustedRTProxy - ok
20:29:33.0006 0x1684  [ 4AB1AC1E60118443A14C241F91AC8FC9, 2B9237AC124874664E31B4F313BAAF8059BD0749653496784B4B89B4B7F66784 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
20:29:33.0053 0x1684  WinHttpAutoProxySvc - ok
20:29:33.0053 0x1684  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\Windows\System32\drivers\winmad.sys
20:29:33.0069 0x1684  WinMad - ok
20:29:33.0085 0x1684  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:29:33.0106 0x1684  Winmgmt - ok
20:29:33.0184 0x1684  [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:29:33.0253 0x1684  WinRM - ok
20:29:33.0285 0x1684  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\Windows\System32\drivers\WinUSB.SYS
20:29:33.0306 0x1684  WINUSB - ok
20:29:33.0322 0x1684  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\Windows\System32\drivers\winverbs.sys
20:29:33.0338 0x1684  WinVerbs - ok
20:29:33.0353 0x1684  [ EC80E34789681E01D3F1508EC2E13CB3, 584A043D7C58B71B8577A0B7F14BFFEFD6111B7167EE580E6E3EF395BA4059D2 ] wisvc           C:\Windows\system32\flightsettings.dll
20:29:33.0407 0x1684  wisvc - ok
20:29:33.0454 0x1684  [ 5A7AA8198156DC2BFF9F064E29D11AF5, 9CBAF1B99B54CDE087E0FC0A2601B3F056F81F2F5AF63B5BB71C7389247E496A ] WlanSvc         C:\Windows\System32\wlansvc.dll
20:29:33.0523 0x1684  WlanSvc - ok
20:29:33.0604 0x1684  [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
20:29:33.0654 0x1684  wlidsvc - ok
20:29:33.0685 0x1684  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
20:29:33.0701 0x1684  WmiAcpi - ok
20:29:33.0707 0x1684  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:29:33.0738 0x1684  wmiApSrv - ok
20:29:33.0738 0x1684  WMPNetworkSvc - ok
20:29:33.0754 0x1684  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\Windows\system32\drivers\Wof.sys
20:29:33.0770 0x1684  Wof - ok
20:29:33.0823 0x1684  [ 5820CC51AB1C368F29ECCA713397D006, AA0CC2BC4DF7DBFB144FF47C3508BEEF00467C9D312C135AFB3406E42C6CD821 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
20:29:33.0886 0x1684  workfolderssvc - ok
20:29:33.0886 0x1684  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:29:33.0905 0x1684  WPDBusEnum - ok
20:29:33.0907 0x1684  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
20:29:33.0907 0x1684  WpdUpFltr - ok
20:29:33.0907 0x1684  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\Windows\system32\WpnService.dll
20:29:33.0923 0x1684  WpnService - ok
20:29:33.0939 0x1684  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\Windows\System32\WpnUserService.dll
20:29:33.0954 0x1684  WpnUserService - ok
20:29:33.0970 0x1684  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:29:33.0986 0x1684  ws2ifsl - ok
20:29:33.0986 0x1684  [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc          C:\Windows\System32\wscsvc.dll
20:29:34.0023 0x1684  wscsvc - ok
20:29:34.0023 0x1684  WSearch - ok
20:29:34.0086 0x1684  [ FC02797FC7910AC4F4A1D366D3584171, 868075A94239086D38C946B9B7F33CA53A17AF91BC442C145C39B30DFA62F36F ] wuauserv        C:\Windows\system32\wuaueng.dll
20:29:34.0139 0x1684  wuauserv - ok
20:29:34.0171 0x1684  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:29:34.0204 0x1684  WudfPf - ok
20:29:34.0208 0x1684  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:29:34.0239 0x1684  WUDFRd - ok
20:29:34.0239 0x1684  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:29:34.0271 0x1684  wudfsvc - ok
20:29:34.0271 0x1684  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
20:29:34.0308 0x1684  WUDFWpdFs - ok
20:29:34.0340 0x1684  [ D313FF382A26D1295B212A66EE3E52A8, 59FEF2AF611507BCB6FE036A7D4F1595F3449B76F9B055CDC67DC1BE1D90EEB8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:29:34.0387 0x1684  WwanSvc - ok
20:29:34.0424 0x1684  [ 7EF75102A793AAA6AAA45A4F7C15FF4D, A3FB68905F3E3A7DE52B85FAD966ABCB787FAC7E709964CE9BF2A4F9AC8B0653 ] XblAuthManager  C:\Windows\System32\XblAuthManager.dll
20:29:34.0471 0x1684  XblAuthManager - ok
20:29:34.0487 0x1684  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\Windows\System32\XblGameSave.dll
20:29:34.0556 0x1684  XblGameSave - ok
20:29:34.0556 0x1684  [ DB77764B46D02DCB9777D9E00A3F7D63, 469491E3A57FBB0CB0482A2493823B57410E24A5BD4C1C96D79FE9888F7827BB ] xboxgip         C:\Windows\System32\drivers\xboxgip.sys
20:29:34.0572 0x1684  xboxgip - ok
20:29:34.0609 0x1684  [ 1A8D9EA4DD1A3E276B85EDB05B42BEC7, 23FC10AC29BDF917AEDB3AAF82537EC2C72453E52B41836FD83643054FA4F0BE ] XboxNetApiSvc   C:\Windows\system32\XboxNetApiSvc.dll
20:29:34.0656 0x1684  XboxNetApiSvc - ok
20:29:34.0656 0x1684  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\Windows\System32\drivers\xinputhid.sys
20:29:34.0656 0x1684  xinputhid - ok
20:29:34.0671 0x1684  ================ Scan global ===============================
20:29:34.0671 0x1684  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\Windows\system32\basesrv.dll
20:29:34.0671 0x1684  [ 0690445DD89A6498945E0FECC1689A45, ED11E144FCEDED7EF8ABEFC0B558312047AA7A2F37BFECEC14D5A44179130F70 ] C:\Windows\system32\winsrv.dll
20:29:34.0671 0x1684  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\Windows\system32\sxssrv.dll
20:29:34.0706 0x1684  [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\Windows\system32\services.exe
20:29:34.0709 0x1684  [ Global ] - ok
20:29:34.0709 0x1684  ================ Scan MBR ==================================
20:29:34.0709 0x1684  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
20:29:34.0740 0x1684  \Device\Harddisk0\DR0 - ok
20:29:34.0740 0x1684  ================ Scan VBR ==================================
20:29:34.0740 0x1684  [ 4D5B61FED5EF1FFB0D869916CAAB9D17 ] \Device\Harddisk0\DR0\Partition1
20:29:34.0740 0x1684  \Device\Harddisk0\DR0\Partition1 - ok
20:29:34.0740 0x1684  [ 2D524F05766D084E9BC1747B63390F77 ] \Device\Harddisk0\DR0\Partition2
20:29:34.0740 0x1684  \Device\Harddisk0\DR0\Partition2 - ok
20:29:34.0740 0x1684  [ 5A5EA18CD48D718AC0002838F5F62393 ] \Device\Harddisk0\DR0\Partition3
20:29:34.0740 0x1684  \Device\Harddisk0\DR0\Partition3 - ok
20:29:34.0740 0x1684  [ C4867875BB850915CE486A345FCD6128 ] \Device\Harddisk0\DR0\Partition4
20:29:34.0740 0x1684  \Device\Harddisk0\DR0\Partition4 - ok
20:29:34.0756 0x1684  [ A2D0063F36550BFA57A69A613B2B4086 ] \Device\Harddisk0\DR0\Partition5
20:29:34.0756 0x1684  \Device\Harddisk0\DR0\Partition5 - ok
20:29:34.0756 0x1684  [ 4483AD16756B5313EF65F678D0F35263 ] \Device\Harddisk0\DR0\Partition6
20:29:34.0756 0x1684  \Device\Harddisk0\DR0\Partition6 - ok
20:29:34.0756 0x1684  ================ Scan generic autorun ======================
20:29:34.0756 0x1684  WindowsDefender - ok
20:29:34.0925 0x1684  [ 684728A0C00BD43A0C89838D17CEA604, DC62BE4D1C5565995B7E2D6E4CFFAEEE874158011A18792850764D1A45EB2917 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
20:29:35.0041 0x1684  RTHDVCPL - ok
20:29:35.0441 0x1684  [ 4236B861C0EE45AA456A112526E5C2C1, 540553AA493909DA041D3DFA1F1C2B53B7D9F38289CF4360C32E3F2764082B2D ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:29:35.0472 0x1684  RtHDVBg_WAVES_SKYLAKE - ok
20:29:35.0557 0x1684  [ 57859AF40630541B88762E6D41836704, 92AAD5E02B4222E68F95B5ECD0D06B76028A85E6B0428BC321F08AFA60D1D75F ] C:\Program Files\Portrait Displays\Dell PremierColor\PremierColor.exe
20:29:35.0626 0x1684  PremierColor - ok
20:29:35.0709 0x1684  [ EADA126013D7EF57A47A645DD0A0C5F5, 05A1A63D1A9EE3584431D403D2C1B4EB31E533E9D731382C5F484A43CEB7BAA2 ] C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe
20:29:35.0741 0x1684  Windows10FirewallControl - ok
20:29:35.0741 0x1684  [ C7645D43451C6D94D87F4D07BDE59C89, 495BBA47FC43EE23054FCD419F2F00457162D1C04296900C6AEA551102A810F3 ] C:\Windows\system32\rundll32.exe
20:29:35.0757 0x1684  ShadowPlay - ok
20:29:35.0772 0x1684  [ C7645D43451C6D94D87F4D07BDE59C89, 495BBA47FC43EE23054FCD419F2F00457162D1C04296900C6AEA551102A810F3 ] C:\Windows\system32\rundll32.exe
20:29:35.0788 0x1684  Logitech Download Assistant - ok
20:29:35.0942 0x1684  [ EE96D5E31B2D3F82A410D7206023C287, A5C41D3426DF526A49D2A83BD48A602EC93E6F334D9E52203E7D4C76FA9A28F0 ] C:\Windows\system32\RtkUGui64.exe
20:29:36.0073 0x1684  RTKUGUI - ok
20:29:36.0073 0x1684  [ 32915B7DF09C2F278E8F777276692E67, BED553EA5AEA65397C532722058F89161AD5D1F66538B3CC50BFCDDA5FD24604 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
20:29:36.0089 0x1684  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
20:29:36.0326 0x1684  Detect skipped due to KSN trusted
20:29:36.0326 0x1684  IAStorIcon - ok
20:29:36.0357 0x1684  [ C98DF1F346668DF73DD11AFEAA4E2F95, ECEEDD997B8479606426D32A3078164AB453CF2501F5273B4B1F6F228F97D0E8 ] c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
20:29:36.0373 0x1684  WavesSvc - ok
20:29:36.0389 0x1684  [ 56831CF0D755103BB0E7EA141A4895D9, 496A4EA8F84C0A9E79E1267B16B10F60F737F79BECBEECE593416D79F03B1063 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
20:29:36.0406 0x1684  SunJavaUpdateSched - ok
20:29:36.0426 0x1684  [ EFD6500382989DB49A29E5F019D2E5F7, 1129DF694D3A62113BF9AA0C5D82E81A096167548346E3F934FC143DCB4A1A85 ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
20:29:36.0458 0x1684  DivXMediaServer - ok
20:29:36.0658 0x1684  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:29:36.0773 0x1684  OneDriveSetup - ok
20:29:36.0988 0x1684  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:29:37.0117 0x1684  OneDriveSetup - ok
20:29:37.0303 0x1684  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:29:37.0472 0x1684  OneDriveSetup - ok
20:29:37.0541 0x1684  [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\robin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
20:29:37.0572 0x1684  OneDrive - ok
20:29:37.0672 0x1684  [ 5693B987A2A17FE03A7F15F52E7C7B69, EEDAA70C13FEEFEA49FC4D96CF4A6B59077AF8A66C564E11743698B7A0C5E122 ] C:\Program Files\DAEMON Tools Lite\DTAgent.exe
20:29:37.0765 0x1684  DAEMON Tools Lite Automount - ok
20:29:37.0812 0x1684  [ E3903B56C24368124EE5AE6E4E6D6566, 317D25FECE7314C6B6235B305C8E1188F33CC96AEC24C05D9CDDDAE0EA5F2D15 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
20:29:37.0843 0x1684  KSS - ok
20:29:37.0863 0x1684  [ C4A87E8D648720ECDA3EBD24498FA9F8, DA32563D9BA31FE34C715FDCA3943EA99FC4EB3B818E9CEFBFCEDB9306965AB4 ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe
20:29:37.0896 0x1684  Kaspersky Software Updater - ok
20:29:37.0896 0x1684  Waiting for KSN requests completion. In queue: 275
20:29:38.0913 0x1684  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1066 ), 0x61100 ( enabled : updated )
20:29:38.0913 0x1684  Win FW state via NFP2: enabled ( trusted )
20:29:39.0097 0x1684  ============================================================
20:29:39.0097 0x1684  Scan finished
20:29:39.0097 0x1684  ============================================================
20:29:39.0097 0x0a58  Detected object count: 0
20:29:39.0097 0x0a58  Actual detected object count: 0

M-K-D-B · 18.04.2017, 10:16

Servus,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Firewall
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Deinstalliere Malwarebytes' Anti-Malware 2 über die Systemsteuerung. (Bebilderte Anleitung)
Starte den Rechner im Anschluss neu auf.
Downloade dir den MBAM Uninstaller auf deinen Desktop.
Schließe alle offenen Programme und führe den Uninstaller aus. Der Rechner muss zum Abschluss neu gestartet werden.

Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware 3

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4

Starte die FRST erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die beiden neuen Logdateien von FRST.

Robin78 · 18.04.2017, 19:03

AdwCleaner

Code:

ATTFilter

# AdwCleaner v6.045 - Logfile created 18/04/2017 at 19:37:09
# Updated on 28/03/2017 by Malwarebytes
# Database : 2017-04-18.1 [Server]
# Operating System : Windows 10 Pro  (X64)
# Username : robin - DESKTOP-1H69R6C
# Running from : C:\Users\robin\Desktop\AdwCleaner_6.045.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****



***** [ Web browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared
:: "Prefetch" files deleted
:: Proxy settings cleared
:: IE policies deleted
:: Chrome policies deleted

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2116 Bytes] - [11/04/2017 21:42:15]
C:\AdwCleaner\AdwCleaner[C2].txt - [1274 Bytes] - [15/04/2017 20:08:55]
C:\AdwCleaner\AdwCleaner[C3].txt - [1010 Bytes] - [18/04/2017 19:37:09]
C:\AdwCleaner\AdwCleaner[S0].txt - [2096 Bytes] - [11/04/2017 21:41:50]
C:\AdwCleaner\AdwCleaner[S1].txt - [1403 Bytes] - [15/04/2017 20:07:54]
C:\AdwCleaner\AdwCleaner[S2].txt - [1440 Bytes] - [18/04/2017 19:36:23]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1302 Bytes] ##########

mbam.txt

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 18.04.17
Scan-Zeit: 19:51
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.103
Version des Aktualisierungspakets: 1.0.1754
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-1H69R6C\robin

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 382851
Abgelaufene Zeit: 1 Min., 43 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

FRST

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2017 01
Ran by robin (administrator) on DESKTOP-1H69R6C (18-04-2017 20:01:54)
Running from C:\Users\robin\Downloads
Loaded Profiles: robin (Available Profiles: defaultuser0 & robin)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Sphinx Software) C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Portrait Displays, Inc.) C:\Program Files\Portrait Displays\Dell PremierColor\PremierColorService.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\IntelCpHDCPSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\IntelCpHeciSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igfxEM.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Portrait Displays, Inc.) C:\Program Files\Portrait Displays\Dell PremierColor\PremierColor.exe
() C:\Program Files\Portrait Displays\Dell PremierColor\CTHelper.exe
(Realtek Semiconductor) C:\Windows\System32\RtkUGui64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igfxext.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_WAVES_SKYLAKE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2017-01-10] (Realtek Semiconductor)
HKLM\...\Run: [PremierColor] => C:\Program Files\Portrait Displays\Dell PremierColor\PremierColor.exe [5169488 2016-10-21] (Portrait Displays, Inc.)
HKLM\...\Run: [Windows10FirewallControl] => C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe [1682304 2016-12-02] (Sphinx Software)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTKUGUI] => C:\Windows\system32\RtkUGui64.exe [8611584 2016-05-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2017-01-17] (Intel Corporation)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [945112 2016-12-27] (Waves Audio Ltd.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1046488 2017-02-10] (DivX, LLC)
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\Run: [Kaspersky Software Updater] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe [1565000 2016-11-26] (AO Kaspersky Lab)
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\MountPoints2: {24221694-feb4-11e6-bc26-9cb6d0dadc9c} - "D:\setup.exe" 
HKU\S-1-5-18\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{f772f74b-9219-46db-a5fc-b98a542637c3}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-01] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-01] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)

Edge: 
======
Edge Extension: (Save to Pocket) -> EdgeExtension_PocketSavetoPocket_v63j13wrfzj3t => C:\Program Files\WindowsApps\Pocket.SavetoPocket_2.0.38.0_neutral__v63j13wrfzj3t [2017-04-06]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-01] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2017-02-09] (DivX, LLC)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-17] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-17] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-17] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-17] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-04-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-04-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-07] (Google Inc.)

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}&atb=v55-3__
CHR DefaultSearchKeyword: Default -> duckduckgo.de
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Profile: C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default [2017-04-18]
CHR Extension: (Google Präsentationen) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-10]
CHR Extension: (Google Docs) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-10]
CHR Extension: (Google Drive) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-10]
CHR Extension: (DuckDuckGo Search) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2017-03-24]
CHR Extension: (YouTube) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-10]
CHR Extension: (Adblock Plus) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-04-06]
CHR Extension: (Google Tabellen) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-10]
CHR Extension: (Google Docs Offline) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-12]
CHR Extension: (Page Ruler) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn [2017-03-10]
CHR Extension: (Save to Pocket) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-03-17]
CHR Extension: (Mute Button) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkmpomgcifgjgecjkglgdbbhlbjceehj [2017-03-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Google Mail) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-10]
CHR Extension: (Chrome Media Router) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-10]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-09-07] (Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3737792 2017-03-26] (Microsoft Corporation)
R3 cphs; C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\IntelCpHeciSvc.exe [285184 2017-01-06] (Intel Corporation)
R2 cplspcon; C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\IntelCpHDCPSvc.exe [462848 2017-01-06] (Intel Corporation)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [94136 2016-06-02] (Dell Inc.)
S4 dcu-oobe; C:\Program Files (x86)\Dell\CommandUpdate\OobeService.exe [84408 2017-01-12] (Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [121376 2016-11-28] (Dell)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-10-13] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-10-13] (Dell Inc.)
R2 DellPremierColorService; C:\Program Files\Portrait Displays\Dell PremierColor\PremierColorService.exe [196944 2016-10-21] (Portrait Displays, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283304 2017-03-25] ()
R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2208888 2016-09-02] (Intel Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-02-24] (Foxit Software Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-01-17] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igfxCUIService.exe [324608 2017-01-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-09-15] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457432 2016-09-22] (Rivet Networks)
R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
R3 ksu; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe [1565000 2016-11-26] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-04-01] (NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-01-10] (Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2017-03-16] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2017-02-24] (Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-10-25] (Dell Inc.)
S3 ThunderboltService; c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2018024 2016-11-17] (Intel Corporation)
R2 WavesSysSvc; c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [412632 2016-12-27] (Waves Audio Ltd.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
R2 Windows10FirewallService; C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe [4065736 2016-12-02] (Sphinx Software)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{9AFCFC5C-82EA-42CC-B821-B83087347DBA}

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [145736 2016-09-19] (Rivet Networks, LLC.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [32352 2016-10-13] (Dell Inc.)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [32952 2016-10-13] (Dell Computer Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [71232 2016-08-13] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [66624 2016-08-13] (Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-03-02] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-03-02] (Disc Soft Ltd)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [350272 2016-08-13] (Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-03-22] ()
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [54800 2016-08-16] (Intel Corporation)
S3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-08-30] (Intel Corporation)
R3 iaLPSS2_I2C; C:\Windows\System32\drivers\iaLPSS2_I2C.sys [184632 2016-08-30] (Intel Corporation)
S3 iaLPSS2_SPI; C:\Windows\System32\drivers\iaLPSS2_SPI.sys [151352 2016-08-30] (Intel Corporation)
S3 iaLPSS2_UART2; C:\Windows\System32\drivers\iaLPSS2_UART2.sys [282424 2016-08-30] (Intel Corporation)
R3 igfx; C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igdkmd64.sys [11058136 2017-01-06] (Intel Corporation)
R3 IntcAudioBus; C:\Windows\System32\drivers\IntcAudioBus.sys [225888 2016-11-08] (Intel(R) Corporation)
R3 IntcOED; C:\Windows\System32\drivers\IntcOED.sys [728672 2016-11-08] (Intel(R) Corporation)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-04-18] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-04-18] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-04-18] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-04-18] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [92096 2017-04-18] (Malwarebytes)
S3 mosuport; C:\Windows\System32\drivers\mosuport.sys [371352 2016-08-04] (ASIX Electronics Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 nhi; C:\Windows\system32\DRIVERS\tbt81x.sys [129608 2016-11-20] (Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_323791d5eb27505c\nvlddmkm.sys [14841784 2017-04-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2017-02-23] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation)
R3 Qcamain10x64; C:\Windows\system32\DRIVERS\Qcamain10x64.sys [2403248 2016-09-22] (Qualcomm Atheros, Inc.)
S3 RtkUsbAD; C:\Windows\system32\drivers\RtUsbA64.sys [118016 2016-05-24] (Realtek Semiconductor Corp.)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [779232 2016-08-05] (Realsil Semiconductor Corporation)
S3 rtux64w10; C:\Windows\System32\drivers\rtux64w10.sys [366640 2016-10-26] (Realtek                                                                )
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-01-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [205440 2017-01-16] (Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-18 19:54 - 2017-04-18 19:54 - 00001242 _____ C:\Users\robin\Desktop\mbam.txt
2017-04-18 19:49 - 2017-04-18 19:50 - 00092096 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-04-18 19:49 - 2017-04-18 19:49 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-04-18 19:49 - 2017-04-18 19:49 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-04-18 19:49 - 2017-04-18 19:49 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-04-18 19:49 - 2017-04-18 19:49 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-04-18 19:49 - 2017-04-18 19:49 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-18 19:49 - 2017-04-18 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-18 19:49 - 2017-04-18 19:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-18 19:49 - 2017-04-18 19:49 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-18 19:49 - 2017-03-22 11:02 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-04-18 19:48 - 2017-04-18 19:48 - 60107896 _____ (Malwarebytes ) C:\Users\robin\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe
2017-04-18 19:47 - 2017-04-18 19:47 - 00000000 ___HD C:\OneDriveTemp
2017-04-18 19:45 - 2017-04-18 19:46 - 00566128 _____ (Malwarebytes) C:\Users\robin\Desktop\mbam-clean-2.3.0.1001.exe
2017-04-18 19:33 - 2017-04-18 19:34 - 04089296 _____ C:\Users\robin\Desktop\AdwCleaner_6.045.exe
2017-04-17 20:27 - 2017-04-17 20:39 - 00284882 _____ C:\TDSSKiller.3.1.0.12_17.04.2017_20.27.51_log.txt
2017-04-17 20:27 - 2017-04-17 20:27 - 04747704 _____ (AO Kaspersky Lab) C:\Users\robin\Downloads\tdsskiller.exe
2017-04-17 20:27 - 2017-04-17 20:27 - 04747704 _____ (AO Kaspersky Lab) C:\Users\robin\Desktop\tdsskiller.exe
2017-04-17 20:25 - 2017-04-17 20:26 - 00284578 _____ C:\TDSSKiller.3.1.0.12_17.04.2017_20.25.29_log.txt
2017-04-17 20:14 - 2017-04-18 20:01 - 00027825 _____ C:\Users\robin\Downloads\FRST.txt
2017-04-17 20:14 - 2017-04-18 20:01 - 00000000 ____D C:\FRST
2017-04-17 20:14 - 2017-04-17 20:15 - 00040981 _____ C:\Users\robin\Downloads\Addition.txt
2017-04-17 20:13 - 2017-04-17 20:14 - 02424832 _____ (Farbar) C:\Users\robin\Downloads\FRST64.exe
2017-04-15 20:54 - 2017-04-15 20:54 - 00001081 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-04-15 20:54 - 2017-04-15 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-04-15 20:54 - 2017-04-15 20:54 - 00000000 ____D C:\Program Files\VS Revo Group
2017-04-15 20:32 - 2017-04-15 20:32 - 00001312 _____ C:\Users\Public\Desktop\Kaspersky Software Updater.lnk
2017-04-15 20:32 - 2017-04-15 20:32 - 00001130 _____ C:\Users\Public\Desktop\Kaspersky Security Scan.lnk
2017-04-15 20:32 - 2017-04-15 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater
2017-04-15 20:32 - 2017-04-15 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2017-04-15 20:32 - 2017-04-15 20:32 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-04-15 20:32 - 2017-04-15 20:32 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2017-04-15 20:31 - 2017-04-15 20:31 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-04-15 20:29 - 2017-04-15 20:29 - 00830540 _____ C:\Windows\Minidump\041517-7640-01.dmp
2017-04-15 20:24 - 2017-04-15 20:24 - 00000546 _____ C:\Users\robin\Desktop\JRT.txt
2017-04-15 19:56 - 2017-04-15 19:56 - 00000000 ____D C:\Users\robin\AppData\LocalLow\Sun
2017-04-15 19:54 - 2017-04-01 20:52 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-15 19:54 - 2017-04-01 20:52 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-11 21:40 - 2017-04-18 19:37 - 00000000 ____D C:\AdwCleaner
2017-04-11 21:09 - 2017-04-11 21:09 - 00001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2017-04-11 21:09 - 2017-04-11 21:09 - 00000000 ____D C:\Program Files\Waves
2017-04-11 21:08 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-04-11 21:08 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-04-11 21:08 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2017-04-11 21:08 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-04-11 21:08 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-04-11 21:08 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-04-11 21:08 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2017-04-11 21:08 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2017-04-11 21:08 - 2017-03-28 08:22 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-04-11 21:08 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2017-04-11 21:08 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-04-11 21:08 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-04-11 21:08 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-04-11 21:08 - 2017-03-28 08:15 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-04-11 21:08 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2017-04-11 21:08 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-04-11 21:08 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-04-11 21:08 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-04-11 21:08 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-04-11 21:08 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2017-04-11 21:08 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-04-11 21:08 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-04-11 21:08 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2017-04-11 21:08 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2017-04-11 21:08 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-11 21:08 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-11 21:08 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-04-11 21:08 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-04-11 21:08 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-04-11 21:08 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2017-04-11 21:08 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-04-11 21:08 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-11 21:08 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-04-11 21:08 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-04-11 21:08 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 00387872 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-04-11 21:08 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-04-11 21:08 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-04-11 21:08 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
2017-04-11 21:08 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-04-11 21:08 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-04-11 21:08 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2017-04-11 21:08 - 2017-03-28 07:41 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2017-04-11 21:08 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-04-11 21:08 - 2017-03-28 07:41 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2017-04-11 21:08 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-04-11 21:08 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-04-11 21:08 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XblAuthManagerProxy.dll
2017-04-11 21:08 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-04-11 21:08 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll
2017-04-11 21:08 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2017-04-11 21:08 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2017-04-11 21:08 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-04-11 21:08 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-04-11 21:08 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apds.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.HostName.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.SystemManagement.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-04-11 21:08 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsecsnp.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\RdpRelayTransport.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinRtTracing.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicDisplay.sys
2017-04-11 21:08 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2017-04-11 21:08 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-04-11 21:08 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-04-11 21:08 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-04-11 21:08 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-11 21:08 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2017-04-11 21:08 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2017-04-11 21:08 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2017-04-11 21:08 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2017-04-11 21:08 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-11 21:08 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00265728 _____ C:\Windows\SysWOW64\Windows.Perception.Stub.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\WinRtTracing.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-04-11 21:08 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00418304 _____ C:\Windows\system32\Windows.Perception.Stub.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-04-11 21:08 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Ocr.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-04-11 21:08 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\AccountsRt.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.InkControls.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-04-11 21:08 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-04-11 21:08 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-04-11 21:08 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2017-04-11 21:08 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2017-04-11 21:08 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2017-04-11 21:08 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-04-11 21:08 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2017-04-11 21:08 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-04-11 21:08 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-04-11 21:08 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2017-04-11 21:08 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-11 21:08 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2017-04-11 21:08 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2017-04-11 21:08 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll
2017-04-11 21:08 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-11 21:08 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll
2017-04-11 21:08 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-04-11 21:08 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2017-04-11 21:08 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll
2017-04-11 21:08 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll
2017-04-11 21:08 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-04-11 21:08 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-04-11 21:08 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-04-11 21:08 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2017-04-11 21:08 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2017-04-11 21:08 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-04-11 21:08 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-04-11 21:08 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2017-04-11 21:08 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll
2017-04-11 21:08 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-04-11 21:08 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2017-04-11 21:08 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-04-11 21:08 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-04-11 21:08 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll
2017-04-11 21:08 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2017-04-11 21:08 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2017-04-11 21:08 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2017-04-11 21:08 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2017-04-11 21:08 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Ocr.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-04-11 21:08 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2017-04-11 21:08 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-04-11 21:08 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-04-11 21:08 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Perception.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-04-11 21:08 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-11 21:08 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-04-11 21:08 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-04-11 21:08 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll
2017-04-11 21:08 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-04-11 21:08 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-04-11 21:08 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-11 21:08 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2017-04-11 21:08 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RADCUI.dll
2017-04-11 21:08 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-04-11 21:08 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-11 21:08 - 2017-03-28 07:04 - 00119808 ____R (Microsoft Corporation) C:\Windows\system32\SecureAssessmentHandlers.dll
2017-04-11 21:08 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-04-11 21:08 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll
2017-04-11 21:08 - 2017-01-10 10:41 - 03203584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2017-04-11 21:08 - 2017-01-10 10:41 - 03014144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2017-04-11 21:08 - 2017-01-10 10:41 - 00343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 23547544 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRenderAVX64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 17398616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioCapture64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 09072629 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2017-04-11 21:08 - 2017-01-10 10:40 - 03503040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 02201600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 01353824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 00689880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 00240128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 00200704 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll
2017-04-11 21:07 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-04-11 21:07 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-04-11 21:07 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-04-11 21:07 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-04-11 21:07 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-04-11 21:07 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-11 21:07 - 2017-03-28 08:26 - 00754528 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-04-11 21:07 - 2017-03-28 08:26 - 00573280 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-04-11 21:07 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-04-11 21:07 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll
2017-04-11 21:07 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-04-11 21:07 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-04-11 21:07 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-04-11 21:07 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-04-11 21:07 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2017-04-11 21:07 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-04-11 21:07 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-04-11 21:07 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-04-11 21:07 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-04-11 21:07 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll
2017-04-11 21:07 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-04-11 21:07 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-04-11 21:07 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2017-04-11 21:07 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-04-11 21:07 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-04-11 21:07 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-04-11 21:07 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManagerProxy.dll
2017-04-11 21:07 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\DdcWnsListener.dll
2017-04-11 21:07 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-04-11 21:07 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-11 21:07 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-04-11 21:07 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2017-04-11 21:07 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\Family.Client.dll
2017-04-11 21:07 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.SystemManagement.dll
2017-04-11 21:07 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Printers.dll
2017-04-11 21:07 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Family.SyncEngine.dll
2017-04-11 21:07 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2017-04-11 21:07 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-11 21:07 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthTokenBrokerExt.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDirectoryClient.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.UserDeviceAssociation.dll
2017-04-11 21:07 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll
2017-04-11 21:07 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-04-11 21:07 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-04-11 21:07 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SerialCommunication.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\dafpos.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-04-11 21:07 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-04-11 21:07 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-04-11 21:07 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-04-11 21:07 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2017-04-11 21:07 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-04-11 21:07 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2017-04-11 21:07 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2017-04-11 21:07 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-04-11 21:07 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2017-04-11 21:07 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2017-04-11 21:07 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-04-11 21:07 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2017-04-11 21:07 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2017-04-11 21:07 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-04-11 21:07 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-04-11 21:07 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2017-04-11 21:07 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-04-11 21:07 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-04-11 21:07 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\CastLaunch.dll
2017-04-11 21:07 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-11 21:07 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-04-11 21:07 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2017-04-11 21:07 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\flvprophandler.dll
2017-04-11 21:07 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2017-04-11 21:07 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-04-11 21:07 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2017-04-11 21:07 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2017-04-11 21:07 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2017-04-11 21:07 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-11 21:07 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-04-11 21:07 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2017-04-11 21:07 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2017-04-11 21:07 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2017-04-11 21:07 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-04-11 21:07 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2017-04-11 21:07 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-11 21:07 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-11 21:07 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-11 21:07 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-04-11 21:07 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2017-04-11 21:07 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2017-04-11 21:07 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2017-04-11 21:07 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-04-11 21:07 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2017-04-11 21:07 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-04-11 21:07 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-04-11 21:07 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2017-04-11 21:07 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-04-11 21:07 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-11 21:07 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2017-04-11 21:07 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-04-11 21:07 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-04-11 21:07 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2017-04-11 21:07 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2017-04-11 21:07 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2017-04-11 21:07 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-04-11 21:07 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2017-04-11 21:07 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2017-04-11 21:07 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-04-11 21:07 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2017-04-11 21:07 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll
2017-04-11 21:07 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-04-11 21:07 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-11 21:07 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-04-11 21:07 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-04-11 21:07 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll
2017-04-11 20:54 - 2017-04-11 20:54 - 00000000 ____D C:\Windows\{D82A5F87-1615-44EA-A80A-8629F6F49D54}
2017-04-11 20:44 - 2017-04-15 20:04 - 00001098 _____ C:\Users\Public\Desktop\Dell PremierColor.lnk
2017-04-11 20:44 - 2017-04-11 20:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-04-11 20:39 - 2017-04-11 20:39 - 00000000 _____ C:\Windows\invcol.tmp
2017-04-08 11:35 - 2017-04-11 21:11 - 00020848 _____ C:\Users\robin\Desktop\Übersicht Steuern_neu.xlsx
2017-04-07 22:56 - 2017-04-07 22:56 - 00002212 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2017-04-07 22:56 - 2017-04-01 05:27 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-04-07 22:55 - 2017-04-01 03:36 - 00136248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-04-07 22:53 - 2017-04-01 05:27 - 40201152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 35354048 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 35280320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 28592184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 11111392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 11056272 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 10635192 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 09316648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 09014792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 08876272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 03790904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 03246016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 01988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438165.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 01591352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438165.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 01278528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 01276128 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 01055800 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00995920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00993872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00990144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00960448 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00911296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00776048 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00612088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00577544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-04-07 22:53 - 2017-04-01 05:27 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-04-07 14:21 - 2017-03-02 19:49 - 02798048 _____ (NETGEAR, Inc) C:\Program Files\RAIDar.exe
2017-04-05 21:52 - 2017-04-05 21:52 - 01988508 _____ C:\Windows\Minidump\040517-10515-01.dmp
2017-04-04 19:07 - 2017-04-04 19:07 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-04-04 17:36 - 2017-04-04 17:37 - 00000000 ____D C:\ProgramData\elsterformular
2017-04-04 17:36 - 2017-04-04 17:36 - 00001308 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2017-04-04 17:36 - 2017-04-04 17:36 - 00000000 ____D C:\Users\robin\AppData\Roaming\elsterformular
2017-04-04 17:36 - 2017-04-04 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-04-04 17:36 - 2017-04-04 17:36 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service
2017-04-04 17:36 - 2017-04-04 17:36 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2017-03-28 19:34 - 2017-03-28 19:34 - 00000000 ____D C:\Users\robin\AppData\Roaming\Foxit AgentInformation
2017-03-28 19:34 - 2017-03-28 19:34 - 00000000 ____D C:\Users\Public\Foxit Software
2017-03-28 19:34 - 2017-03-28 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-03-28 19:34 - 2017-03-28 19:34 - 00000000 ____D C:\ProgramData\Foxit Software
2017-03-28 19:34 - 2017-03-28 19:34 - 00000000 ____D C:\ProgramData\Foxit ContentPlatform
2017-03-28 19:33 - 2017-04-04 20:10 - 00000000 ____D C:\Users\robin\AppData\Roaming\Foxit Software
2017-03-28 19:33 - 2017-03-28 19:33 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2017-03-25 18:04 - 2017-03-25 18:04 - 00859348 _____ C:\Windows\Minidump\032517-10093-01.dmp
2017-03-24 20:14 - 2017-03-24 20:14 - 00156196 _____ C:\Windows\system32\tbt_log.txt
2017-03-22 19:26 - 2017-03-22 19:26 - 00003561 _____ C:\Users\robin\AppData\LocalLow\lpm.dat
2017-03-22 19:26 - 2017-03-22 19:26 - 00000000 ____D C:\Users\robin\AppData\Local\DivX
2017-03-21 20:06 - 2017-03-17 03:01 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437892.dll
2017-03-21 20:06 - 2017-03-17 03:01 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437892.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-18 19:51 - 2017-02-24 11:42 - 02745140 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-18 19:51 - 2016-08-01 22:36 - 01099240 _____ C:\Windows\system32\perfh007.dat
2017-04-18 19:51 - 2016-08-01 22:36 - 00269466 _____ C:\Windows\system32\perfc007.dat
2017-04-18 19:47 - 2017-03-01 19:36 - 00000000 ___RD C:\Users\robin\OneDrive
2017-04-18 19:47 - 2017-03-01 19:34 - 00000000 __SHD C:\Users\robin\IntelGraphicsProfiles
2017-04-18 19:47 - 2017-02-24 11:47 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-18 19:47 - 2017-02-24 11:31 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-18 19:46 - 2016-07-16 08:04 - 00524288 _____ C:\Windows\system32\config\BBI
2017-04-18 15:37 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-18 15:37 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness
2017-04-17 20:34 - 2017-03-13 21:57 - 00000000 ____D C:\Users\robin\AppData\Roaming\Notepad++
2017-04-17 19:28 - 2017-03-18 17:29 - 00004600 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-04-17 19:28 - 2017-03-18 17:29 - 00004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-04-17 19:28 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-04-17 19:28 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\Macromed
2017-04-15 23:19 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2017-04-15 22:48 - 2017-02-24 11:31 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-04-15 20:30 - 2017-03-01 17:47 - 00000000 ____D C:\Users\robin
2017-04-15 20:29 - 2017-03-10 19:35 - 1239498308 _____ C:\Windows\MEMORY.DMP
2017-04-15 20:29 - 2017-03-10 19:35 - 00000000 ____D C:\Windows\Minidump
2017-04-15 20:15 - 2017-03-01 21:13 - 00000000 ____D C:\Users\robin\AppData\Local\Eclipse
2017-04-15 20:15 - 2017-03-01 21:13 - 00000000 ____D C:\Users\robin\.p2
2017-04-15 20:04 - 2017-03-01 22:51 - 00000000 ____D C:\Users\robin\AppData\Local\CrashDumps
2017-04-15 19:58 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-04-15 19:57 - 2017-03-01 19:34 - 00000000 ____D C:\Windows\System32\Tasks\Dell
2017-04-15 19:54 - 2017-02-24 12:04 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-15 19:52 - 2017-02-24 11:31 - 00335528 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\system32\F12
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\setup
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\setup
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Provisioning
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-15 19:51 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\system32\Dism
2017-04-15 19:50 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-15 19:39 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-04-15 19:35 - 2017-03-05 18:50 - 00000000 ____D C:\Windows\system32\MRT
2017-04-15 19:33 - 2017-03-05 18:50 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-04-15 19:33 - 2017-03-02 19:43 - 00003290 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-15 19:33 - 2017-03-01 19:36 - 00002369 _____ C:\Users\robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-11 21:54 - 2016-07-16 16:10 - 00000000 ____D C:\Windows\DigitalLocker
2017-04-11 21:09 - 2017-02-24 11:43 - 00003218 _____ C:\Windows\System32\Tasks\RtHDVBg_PushButton
2017-04-11 21:09 - 2017-02-24 11:43 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2017-04-11 21:09 - 2017-02-24 11:43 - 00000000 ____D C:\Windows\system32\RTCOM
2017-04-11 21:09 - 2017-02-24 11:42 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-04-11 21:08 - 2017-02-24 11:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-04-11 21:08 - 2017-02-24 11:43 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-04-11 21:08 - 2017-02-24 11:42 - 00001536 _____ C:\Windows\SysWOW64\RtkMsgs.dll
2017-04-11 20:44 - 2017-02-24 11:42 - 00000000 ____D C:\Program Files\Intel
2017-04-11 20:40 - 2017-03-02 19:57 - 00532136 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-04-07 22:56 - 2017-02-24 11:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-07 22:56 - 2017-02-24 11:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-04-07 22:56 - 2017-02-24 11:46 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-07 22:55 - 2017-02-24 11:44 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-04-07 15:23 - 2017-03-15 22:17 - 00020502 _____ C:\Users\robin\Desktop\Übersicht Steuern.xlsx
2017-04-07 13:51 - 2017-03-10 20:50 - 00003628 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-07 13:51 - 2017-03-10 20:50 - 00003504 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-06 20:36 - 2017-03-10 20:51 - 00002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-06 20:36 - 2017-03-10 20:51 - 00002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-05 20:58 - 2017-03-02 21:34 - 00000000 ____D C:\Users\robin\.VirtualBox
2017-04-05 19:36 - 2017-03-03 21:01 - 00000000 ____D C:\Program Files\Microsoft Office
2017-04-04 19:08 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-04 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-01 05:27 - 2017-02-24 11:46 - 04085712 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-04-01 05:27 - 2017-02-24 11:46 - 03602296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-04-01 05:27 - 2017-02-24 11:46 - 00045061 _____ C:\Windows\system32\nvinfo.pb
2017-04-01 04:10 - 2017-02-24 11:47 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 02481208 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 00549944 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-04-01 04:09 - 2017-03-02 22:14 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-04-01 02:41 - 2017-03-02 22:13 - 00076840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-03-31 12:15 - 2017-02-24 11:47 - 07851747 _____ C:\Windows\system32\nvcoproc.bin
2017-03-29 20:39 - 2017-03-01 19:34 - 00000000 ____D C:\Users\robin\AppData\Local\Packages
2017-03-28 08:20 - 2017-02-24 11:42 - 02717184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-03-26 20:21 - 2017-03-01 22:11 - 00000000 ____D C:\Users\robin\.webclipse
2017-03-24 20:14 - 2017-02-24 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt(TM) Software
2017-03-24 20:14 - 2017-02-24 11:43 - 00000000 ____D C:\Intel
2017-03-21 21:10 - 2017-03-16 19:17 - 00000000 ___RD C:\Users\robin\OneDrive\Documents\Scanned Documents
2017-03-19 14:09 - 2017-03-01 22:21 - 00000000 ____D C:\Users\robin\AppData\Roaming\npm-cache

==================== Files in the root of some directories =======

2017-04-07 14:21 - 2017-03-02 19:49 - 2798048 _____ (NETGEAR, Inc) C:\Program Files\RAIDar.exe

Some files in TEMP:
====================
2017-03-02 21:51 - 2017-04-17 20:10 - 0035680 _____ () C:\Users\robin\AppData\Local\Temp\i4jdel0.exe
2016-10-21 03:09 - 2016-10-21 03:09 - 0148816 _____ (Portrait Displays, Inc) C:\Users\robin\AppData\Local\Temp\nslABE1.tmp.exe
2016-10-21 03:09 - 2016-10-21 03:09 - 0148816 _____ (Portrait Displays, Inc) C:\Users\robin\AppData\Local\Temp\nsoC052.tmp.exe
2016-10-21 03:09 - 2016-10-21 03:09 - 0148816 _____ (Portrait Displays, Inc) C:\Users\robin\AppData\Local\Temp\nss93EA.tmp.exe
2016-10-21 03:09 - 2016-10-21 03:09 - 0148816 _____ (Portrait Displays, Inc) C:\Users\robin\AppData\Local\Temp\nsx30B3.tmp.exe
2017-03-21 20:06 - 2017-03-17 00:56 - 0352704 _____ (NVIDIA Corporation) C:\Users\robin\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-18 15:00

==================== End of FRST.txt ============================

--- --- ---

--- --- ---

Robin78 · 18.04.2017, 19:04

Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2017 01
Ran by robin (18-04-2017 20:02:23)
Running from C:\Users\robin\Downloads
Windows 10 Pro Version 1607 (X64) (2017-03-01 15:45:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1450654099-1454004737-3937552921-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1450654099-1454004737-3937552921-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1450654099-1454004737-3937552921-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1450654099-1454004737-3937552921-501 - Limited - Disabled)
robin (S-1-5-21-1450654099-1454004737-3937552921-1001 - Administrator - Enabled) => C:\Users\robin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Ansel (Version: 381.65 - NVIDIA Corporation) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.41.3 - Asmedia Technology)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.1.1 - Dell Inc.)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.3.0 - Dell Inc.)
Dell Data Vault (Version: 4.4.0.0 - Dell Inc.) Hidden
Dell PremierColor (HKLM\...\{5CA2B02F-FC89-4F42-A3DA-7649B8EFF194}) (Version: 3.01.002 - Portrait Displays, Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell)
Dell SupportAssist Remediation (HKLM-x32\...\{cc46e7bd-06f4-45e0-8b67-3ccaca1e4755}) (Version: 2.0.2.1835 - Dell Inc.)
Dell SupportAssist Remediation (Version: 2.0.2.1835 - Dell Inc.) Hidden
Dell SupportAssistAgent (HKLM-x32\...\{CD2DF2B3-01E7-47FF-AF9C-725FC5FF6409}) (Version: 1.3.2.3 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{92F651D9-4431-469E-9B11-299D007AF656}) (Version: 2.0.2.1835 - Dell Inc.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 3.0.0.224 - DivX, LLC)
DSC/AA Factory Installer (Version: 1.3.6855.61 - PC-Doctor, Inc.) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.2.1.30.20170325 - Landesfinanzdirektion Thüringen)
Epic Games Launcher (HKLM-x32\...\{FC1F25AF-C8BB-404E-B15F-1B12CAB98E7F}) (Version: 1.1.96.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.2.1.6871 - Foxit Software Inc.)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
Git version 2.12.0 (HKLM\...\Git_is1) (Version: 2.12.0 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.35 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4574 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.10.1044 - Intel Corporation)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 8 Update 121 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180121}) (Version: 8.0.1210.13 - Oracle Corporation)
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 16.0.0.1344 - Kaspersky Lab) Hidden
Kaspersky Software Updater (HKLM-x32\...\InstallWIX_{DEEDA858-A9B4-4212-8873-2F2CE2706E68}) (Version: 2.0.0.623 - Kaspersky Lab)
Kaspersky Software Updater (x32 Version: 2.0.0.623 - Kaspersky Lab) Hidden
Killer Bandwidth Control Filter Driver (Version: 1.1.64.1312 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.64.1312 - Rivet Networks) Hidden
Killer Wireless Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.64.1312 - Rivet Networks)
Killer Wireless-AC Drivers (Version: 1.1.64.1312 - Rivet Networks) Hidden
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Maxx Audio Installer (x64) (Version: 2.7.9011.0 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Node.js (HKLM\...\{84F68739-3B44-4D36-ABDB-2151A23C9C3D}) (Version: 6.10.0 - Node.js Foundation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
NVIDIA 3D Vision Driver 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 381.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.1.14 (HKLM\...\{6AE61854-0F78-49E3-ABCC-586FB43CE709}) (Version: 5.1.14 - Oracle Corporation)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.279 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8037 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.50 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.12.1007.2016 - Realtek)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0079 - ST Microelectronics)
Synaptics Fingerprint Reader(WBF) (HKLM\...\{204CE0B6-C8CA-470F-A5B0-12A848545379}) (Version: 5.1.3214.26 - Synaptics Incorporated)
Thunderbolt(TM) Software (HKLM-x32\...\{10877131-EC3F-4F2F-97CD-2B8341D461D7}) (Version: 16.2.55.275 - Intel Corporation)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Windows10FirewallControl Free 8.1.0.16 (HKLM\...\Windows10FirewallControl_is1) (Version: 8.1.0.16 - Sphinx Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1450654099-1454004737-3937552921-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Audio Ltd)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {009DF91C-F583-40AF-A63E-0C2423877E0B} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe 
Task: {00C1F32B-A14F-4381-B905-306A509AA5CA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-03-26] (Microsoft Corporation)
Task: {16D21BDD-D978-4F0A-BC03-D2C62590CB71} - System32\Tasks\Dell\Command Update => C:\Program Files (x86)\Dell\CommandUpdate\DellCommandUpdate.exe [2017-01-12] (Dell Inc.)
Task: {17BE4ED4-59B7-4338-A3D1-E34724372948} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {27F05B65-1F3E-46C7-B285-DD5DCB0B0EAA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-17] (Adobe Systems Incorporated)
Task: {2B1890E7-FAD3-47A3-9D65-CB3AF3E743D8} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe 
Task: {47B09345-5BFD-4AD6-94DF-BDC941C93A92} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-10] (Google Inc.)
Task: {48E41CA8-B1FA-47AD-BBFF-70E579463BCA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-10] (Google Inc.)
Task: {4C24968A-B4C9-4F35-8DE5-41FCF40F5899} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {52AAEF83-F3CF-4344-9058-BACA797CF84E} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-27] (Intel(R) Corporation)
Task: {5806A7AE-BF11-4216-BED1-39F7083ED779} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => ConditionalAppStarter.exe 
Task: {5BC7D57E-D8FB-425D-844C-640096D6ED6A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {68A47FD0-5A12-4443-AA82-BB2BECA74835} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {7493BC3A-4455-4B5E-953C-4B24DD004AA0} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {8A5228F6-9872-4923-A99C-B7D616963F98} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-03-26] (Microsoft Corporation)
Task: {96F3BC87-EFB6-4597-AAC4-3DCA2705EC65} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {A300453A-AF19-4961-9164-3BB8B0F0FDCF} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-01-10] (Realtek Semiconductor)
Task: {A78CA869-0B2C-4890-BECB-D1CF8EBA0F50} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-10-25] (Dell Inc.)
Task: {C1660831-8AD8-4E58-930E-5B4EF6D07A47} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [2016-09-14] ()
Task: {C5ADED52-00FE-4389-BD04-61AC32265212} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-17] (Adobe Systems Incorporated)
Task: {CB7AE228-0E76-4C38-A125-ED59F8D34EC3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {D51B53A5-F84D-4E65-9D2C-27A53FD93300} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => ConditionalAppStarter.exe 
Task: {E7C42226-3250-4804-A8E9-772EADF75FCA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {F0747D1C-58F6-4D3A-8C56-C8BF48DADD5A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {F4BC44A0-F436-43FA-994D-5C4EFB6C2AAF} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2017-02-03] (DivX, LLC)
Task: {F9A641CD-D87B-4F98-B683-E5A6C23F2927} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe 
Task: {FECBFDE2-2FB7-400D-AB50-793232BABBC0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

WMI_ActiveScriptEventConsumer_DellCommandPowerManagerAlertEventConsumer: 

WMI_ActiveScriptEventConsumer_DellCommandPowerManagerPolicyChangeEventConsumer: 

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-04-11 21:08 - 2017-03-28 08:22 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2017-03-16 19:27 - 2015-03-12 04:43 - 00022528 _____ () C:\Windows\System32\us003lm.dll
2017-03-16 19:27 - 2017-03-16 19:27 - 00143664 ____N () C:\Windows\SysWOW64\SecUPDUtilSvc.exe
2017-03-02 22:14 - 2017-02-23 20:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-03-02 22:14 - 2017-02-23 20:36 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-04-11 21:08 - 2017-03-28 08:22 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2017-03-08 04:42 - 2017-03-08 04:42 - 00230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2017-02-24 11:25 - 2017-02-24 11:25 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 20:36 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 20:37 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 20:37 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 20:37 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-11 21:07 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-15 19:39 - 2017-04-15 19:40 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-15 19:39 - 2017-04-15 19:40 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-15 19:39 - 2017-04-15 19:40 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-15 19:39 - 2017-04-15 19:40 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll
2016-10-21 03:09 - 2016-10-21 03:09 - 00280400 _____ () C:\Program Files\Portrait Displays\Dell PremierColor\CTHelper.exe
2017-03-16 19:29 - 2013-10-04 06:53 - 00734720 _____ () C:\Windows\system32\SnMinDrv.dll
2017-03-16 19:29 - 2013-06-28 16:36 - 00091136 _____ () C:\Windows\system32\SSDEVM64.DLL
2017-04-18 19:49 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-18 19:49 - 2017-03-23 19:40 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-12-15 13:38 - 2015-12-15 13:38 - 00326112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\dblite.dll
2015-10-27 16:44 - 2015-10-27 16:44 - 00404952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\ipm_service.dll
2017-03-02 22:14 - 2017-02-23 20:36 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-03-02 22:14 - 2017-02-23 20:36 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-03-02 22:14 - 2017-02-23 20:36 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-02 22:14 - 2017-02-23 20:35 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-06-02 18:06 - 2016-06-02 18:06 - 45077376 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libcef.dll
2016-11-26 23:42 - 2016-11-26 23:42 - 00332104 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\dblite.dll
2016-12-21 20:21 - 2016-12-21 20:21 - 45077376 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\libcef.dll
2016-11-26 23:37 - 2016-11-26 23:37 - 00418512 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\ipm_service.dll
2016-06-02 18:06 - 2016-06-02 18:06 - 01650560 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libglesv2.dll
2016-06-02 18:06 - 2016-06-02 18:06 - 00082304 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libegl.dll
2017-03-02 22:14 - 2017-02-23 16:30 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-03-02 22:14 - 2017-02-23 16:30 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-03-02 22:14 - 2017-02-23 16:30 - 02443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-03-02 22:14 - 2017-02-23 16:30 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-03-02 22:14 - 2017-02-23 16:30 - 00543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-03-02 22:14 - 2017-02-23 16:30 - 00468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-12-21 20:21 - 2016-12-21 20:21 - 01650560 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\libglesv2.dll
2016-12-21 20:21 - 2016-12-21 20:21 - 00082304 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\libegl.dll
2016-09-15 06:25 - 2016-09-15 06:25 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\XPS 15 Wallpaper Red Mum Flower WQHD.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{2F42B276-C379-4C67-A403-5C41C0EB2867}C:\program files\eclipse\eclipse_neon_2\eclipse.exe] => (Allow) C:\program files\eclipse\eclipse_neon_2\eclipse.exe
FirewallRules: [UDP Query User{674FA980-0D83-4B0C-8A2D-91254383B5BF}C:\program files\eclipse\eclipse_neon_2\eclipse.exe] => (Allow) C:\program files\eclipse\eclipse_neon_2\eclipse.exe
FirewallRules: [TCP Query User{337CD8FB-948A-464B-9DF2-1D9FB107B346}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe
FirewallRules: [UDP Query User{1A63221C-06AC-467E-A04F-C3D7A642F661}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe
FirewallRules: [TCP Query User{668B1D3E-EFAD-47E2-B5F8-871899C4E3B7}C:\users\robin\appdata\local\raidar\raidar.exe] => (Allow) C:\users\robin\appdata\local\raidar\raidar.exe
FirewallRules: [UDP Query User{2BB90E6B-A6F5-40CF-95D7-B185993D1576}C:\users\robin\appdata\local\raidar\raidar.exe] => (Allow) C:\users\robin\appdata\local\raidar\raidar.exe
FirewallRules: [{47802D7A-3EFE-4B66-A5C3-91BAFEDD276E}] => (Allow) C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe
FirewallRules: [{10322437-84B3-4013-9860-E54975D668BD}] => (Allow) C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe
FirewallRules: [{EAF54FC7-4FBC-4B3D-ADED-9665D2E6CE9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{9FC93204-8D30-48FF-91ED-C15D30BD30D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{1D1D88A1-4B0D-4CF0-A22F-A4FF3EBA4EDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{BB9C5582-0D58-4449-AF4C-9A1848D7742F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4276B9F8-DD16-4181-9799-C3EC6889AFB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{24E29BD7-0E93-4F98-A77A-14B6B7A5E748}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{BF415850-EF03-4F0E-A993-38ACCDA00F4C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{1F016856-6A94-441F-9783-36C5B6CDD52E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{27F7A04A-7C4B-41D8-97F0-87FA7617A644}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{CC5FE35E-0BCE-4C3D-B2F7-C9F214017759}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{1D7B8FA1-256A-4120-B307-7F55AE5EE035}C:\program files (x86)\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{83260F9F-5C18-4F49-B413-B4789DF0D66A}C:\program files (x86)\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{0D96CAEE-A1D4-427C-834D-A670D618BD42}C:\program files (x86)\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{BDBF7F29-ED7D-4620-B957-17111D6C6277}C:\program files (x86)\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{A17AEE49-7E40-42BC-A867-4AFD1E8FEBB5}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe
FirewallRules: [{B29B8897-7E64-4B5D-A32C-67AC1437B22E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{4CD07DC7-87E3-4E70-A796-0B90CCCCD74E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{4C8357B9-C4A9-4841-A20E-E5484959041B}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [{69D1D28C-97B9-4EF1-AE94-48C3D4D07CDC}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [{51B55648-FE3C-4EB8-99A7-6360A04CA2CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

11-04-2017 20:44:19 IIF_MSI
11-04-2017 21:56:39 JRT Pre-Junkware Removal
15-04-2017 19:33:26 Windows Update
15-04-2017 20:23:11 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/18/2017 07:51:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (04/18/2017 04:03:34 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [4] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:DELLSUPPORT, Partition:PartitionPos {disk:0, part:6}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

Error: (04/18/2017 04:03:34 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [4] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:Image, Partition:PartitionPos {disk:0, part:5}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

Error: (04/18/2017 03:37:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-1H69R6C)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/18/2017 03:19:21 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [4] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:DELLSUPPORT, Partition:PartitionPos {disk:0, part:6}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

Error: (04/18/2017 03:19:21 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [4] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:Image, Partition:PartitionPos {disk:0, part:5}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

Error: (04/17/2017 07:43:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (04/15/2017 09:02:00 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [4] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:DELLSUPPORT, Partition:PartitionPos {disk:0, part:6}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

Error: (04/15/2017 09:02:00 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [4] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:Image, Partition:PartitionPos {disk:0, part:5}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

Error: (04/15/2017 08:23:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.


System errors:
=============
Error: (04/18/2017 07:47:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/18/2017 07:47:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/18/2017 07:47:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/18/2017 07:46:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1H69R6C)
Description: The server {0002DF02-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.

Error: (04/18/2017 07:46:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/18/2017 07:44:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/18/2017 07:44:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/18/2017 07:44:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/18/2017 07:43:46 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1H69R6C)
Description: The server {0002DF02-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.

Error: (04/18/2017 07:43:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================
  Date: 2017-04-18 19:49:33.682
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 19:49:33.682
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 19:49:33.680
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 19:49:33.674
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 19:49:33.668
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 19:49:33.663
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 19:49:33.657
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 15:00:23.369
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_323791d5eb27505c\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-05 20:36:29.798
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ea62e0c945f71b38\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-18 22:00:41.442
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_94ef852442bb9b92\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 28%
Total physical RAM: 16202 MB
Available physical RAM: 11639.47 MB
Total Virtual: 18634 MB
Available Virtual: 14030.35 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:462.86 GB) (Free:306.29 GB) NTFS
Drive d: (Doom) (CDROM) (Total:62.3 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 2599A35B)

Partition: GPT.

==================== End of Addition.txt ============================

M-K-D-B · 19.04.2017, 10:19

Servus,

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Bitte setze deine Brower wie folgt zurück:

IE :::
Setze folgendermassen den Internet Explorer zurück:

Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.

(Hier findest du die bebilderte Anleitung.)

EDGE :::
Edge zurücksetzen

FF :::
Firefox zurücksetzen

CHR:::
Chrome zurücksetzen

OPR::
Opera zurücksetzen

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von SystemLook,
die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

Robin78 · 19.04.2017, 19:33

Fixlog.txt

Code:

ATTFilter

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-04-2017 01
Ran by robin (19-04-2017 20:17:11) Run:1
Running from C:\Users\robin\Desktop
Loaded Profiles: robin (Available Profiles: defaultuser0 & robin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Processes closed successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= netsh winsock reset =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 35019373 B
Java, Flash, Steam htmlcache => 1585 B
Windows/system/drivers => 16247404 B
Edge => 234802025 B
Chrome => 529606481 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => -650 B
defaultuser0 => 588289 B
robin => 207250893 B

RecycleBin => 575266036 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:20:03 ====

FRST

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2017 01
Ran by robin (administrator) on DESKTOP-1H69R6C (19-04-2017 20:31:30)
Running from C:\Users\robin\Desktop
Loaded Profiles: defaultuser0 & robin (Available Profiles: defaultuser0 & robin)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Sphinx Software) C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Portrait Displays, Inc.) C:\Program Files\Portrait Displays\Dell PremierColor\PremierColorService.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\IntelCpHDCPSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igfxEM.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Portrait Displays, Inc.) C:\Program Files\Portrait Displays\Dell PremierColor\PremierColor.exe
() C:\Program Files\Portrait Displays\Dell PremierColor\CTHelper.exe
(Realtek Semiconductor) C:\Windows\System32\RtkUGui64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_WAVES_SKYLAKE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2017-01-10] (Realtek Semiconductor)
HKLM\...\Run: [PremierColor] => C:\Program Files\Portrait Displays\Dell PremierColor\PremierColor.exe [5169488 2016-10-21] (Portrait Displays, Inc.)
HKLM\...\Run: [Windows10FirewallControl] => C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe [1682304 2016-12-02] (Sphinx Software)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTKUGUI] => C:\Windows\system32\RtkUGui64.exe [8611584 2016-05-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2017-01-17] (Intel Corporation)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [945112 2016-12-27] (Waves Audio Ltd.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1046488 2017-02-10] (DivX, LLC)
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\Run: [Kaspersky Software Updater] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe [1565000 2016-11-26] (AO Kaspersky Lab)
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\MountPoints2: {24221694-feb4-11e6-bc26-9cb6d0dadc9c} - "D:\setup.exe" 
HKU\S-1-5-18\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{f772f74b-9219-46db-a5fc-b98a542637c3}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-01] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-01] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)

Edge: 
======
Edge Extension: (Save to Pocket) -> EdgeExtension_PocketSavetoPocket_v63j13wrfzj3t => C:\Program Files\WindowsApps\Pocket.SavetoPocket_2.0.38.0_neutral__v63j13wrfzj3t [2017-04-06]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-01] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2017-02-09] (DivX, LLC)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-17] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-17] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-17] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-17] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-04-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-04-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-07] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default [2017-04-19]
CHR Extension: (Google Präsentationen) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-10]
CHR Extension: (Google Docs) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-10]
CHR Extension: (Google Drive) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-10]
CHR Extension: (DuckDuckGo Search) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2017-03-24]
CHR Extension: (YouTube) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-10]
CHR Extension: (Adblock Plus) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-04-06]
CHR Extension: (Google Tabellen) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-10]
CHR Extension: (Google Docs Offline) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-12]
CHR Extension: (Page Ruler) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn [2017-03-10]
CHR Extension: (Save to Pocket) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-03-17]
CHR Extension: (Mute Button) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkmpomgcifgjgecjkglgdbbhlbjceehj [2017-03-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Google Mail) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-10]
CHR Extension: (Chrome Media Router) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-10]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-09-07] (Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3737792 2017-03-26] (Microsoft Corporation)
R3 cphs; C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\IntelCpHeciSvc.exe [285184 2017-01-06] (Intel Corporation)
R2 cplspcon; C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\IntelCpHDCPSvc.exe [462848 2017-01-06] (Intel Corporation)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [94136 2016-06-02] (Dell Inc.)
S4 dcu-oobe; C:\Program Files (x86)\Dell\CommandUpdate\OobeService.exe [84408 2017-01-12] (Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [121376 2016-11-28] (Dell)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-10-13] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-10-13] (Dell Inc.)
R2 DellPremierColorService; C:\Program Files\Portrait Displays\Dell PremierColor\PremierColorService.exe [196944 2016-10-21] (Portrait Displays, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283304 2017-03-25] ()
R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2208888 2016-09-02] (Intel Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-02-24] (Foxit Software Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-01-17] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igfxCUIService.exe [324608 2017-01-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-09-15] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457432 2016-09-22] (Rivet Networks)
R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
R3 ksu; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe [1565000 2016-11-26] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-04-01] (NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-01-10] (Realtek Semiconductor)
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2017-03-16] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2017-02-24] (Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-10-25] (Dell Inc.)
S3 ThunderboltService; c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2018024 2016-11-17] (Intel Corporation)
R2 WavesSysSvc; c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [412632 2016-12-27] (Waves Audio Ltd.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
R2 Windows10FirewallService; C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe [4065736 2016-12-02] (Sphinx Software)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{9AFCFC5C-82EA-42CC-B821-B83087347DBA}

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [145736 2016-09-19] (Rivet Networks, LLC.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [32352 2016-10-13] (Dell Inc.)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [32952 2016-10-13] (Dell Computer Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [71232 2016-08-13] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [66624 2016-08-13] (Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-03-02] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-03-02] (Disc Soft Ltd)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [350272 2016-08-13] (Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-03-22] ()
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [54800 2016-08-16] (Intel Corporation)
S3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-08-30] (Intel Corporation)
R3 iaLPSS2_I2C; C:\Windows\System32\drivers\iaLPSS2_I2C.sys [184632 2016-08-30] (Intel Corporation)
S3 iaLPSS2_SPI; C:\Windows\System32\drivers\iaLPSS2_SPI.sys [151352 2016-08-30] (Intel Corporation)
S3 iaLPSS2_UART2; C:\Windows\System32\drivers\iaLPSS2_UART2.sys [282424 2016-08-30] (Intel Corporation)
R3 igfx; C:\Windows\System32\DriverStore\FileRepository\k120160.inf_amd64_0a2d191c705d3b2e\igdkmd64.sys [11058136 2017-01-06] (Intel Corporation)
R3 IntcAudioBus; C:\Windows\System32\drivers\IntcAudioBus.sys [225888 2016-11-08] (Intel(R) Corporation)
R3 IntcOED; C:\Windows\System32\drivers\IntcOED.sys [728672 2016-11-08] (Intel(R) Corporation)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-04-18] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-04-19] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-04-19] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-04-19] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [92096 2017-04-19] (Malwarebytes)
S3 mosuport; C:\Windows\System32\drivers\mosuport.sys [371352 2016-08-04] (ASIX Electronics Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 nhi; C:\Windows\system32\DRIVERS\tbt81x.sys [129608 2016-11-20] (Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_323791d5eb27505c\nvlddmkm.sys [14841784 2017-04-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2017-02-23] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation)
R3 Qcamain10x64; C:\Windows\system32\DRIVERS\Qcamain10x64.sys [2403248 2016-09-22] (Qualcomm Atheros, Inc.)
S3 RtkUsbAD; C:\Windows\system32\drivers\RtUsbA64.sys [118016 2016-05-24] (Realtek Semiconductor Corp.)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [779232 2016-08-05] (Realsil Semiconductor Corporation)
S3 rtux64w10; C:\Windows\System32\drivers\rtux64w10.sys [366640 2016-10-26] (Realtek                                                                )
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-01-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [205440 2017-01-16] (Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-19 20:31 - 2017-04-19 20:31 - 00028064 _____ C:\Users\robin\Desktop\FRST.txt
2017-04-19 20:17 - 2017-04-19 20:20 - 00002283 _____ C:\Users\robin\Desktop\Fixlog.txt
2017-04-19 17:12 - 2017-04-19 17:12 - 00000000 ___HD C:\OneDriveTemp
2017-04-18 22:09 - 2017-04-18 22:09 - 00001030 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\adbLink.lnk
2017-04-18 22:09 - 2017-04-18 22:09 - 00000000 ____D C:\Users\robin\.android
2017-04-18 22:06 - 2017-04-18 22:08 - 17481010 _____ (jocala.com ) C:\Users\robin\Downloads\adblw205.exe
2017-04-18 22:01 - 2017-04-18 22:01 - 00000131 _____ C:\Users\robin\Downloads\display-density-280.zip
2017-04-18 19:54 - 2017-04-18 19:54 - 00001242 _____ C:\Users\robin\Desktop\mbam.txt
2017-04-18 19:49 - 2017-04-19 20:23 - 00092096 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-04-18 19:49 - 2017-04-19 20:20 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-04-18 19:49 - 2017-04-19 20:20 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-04-18 19:49 - 2017-04-19 20:20 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-04-18 19:49 - 2017-04-18 19:49 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-04-18 19:49 - 2017-04-18 19:49 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-18 19:49 - 2017-04-18 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-18 19:49 - 2017-04-18 19:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-18 19:49 - 2017-04-18 19:49 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-18 19:49 - 2017-03-22 11:02 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-04-18 19:48 - 2017-04-18 19:48 - 60107896 _____ (Malwarebytes ) C:\Users\robin\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe
2017-04-18 19:45 - 2017-04-18 19:46 - 00566128 _____ (Malwarebytes) C:\Users\robin\Desktop\mbam-clean-2.3.0.1001.exe
2017-04-18 19:33 - 2017-04-18 19:34 - 04089296 _____ C:\Users\robin\Desktop\AdwCleaner_6.045.exe
2017-04-17 20:27 - 2017-04-17 20:39 - 00284882 _____ C:\TDSSKiller.3.1.0.12_17.04.2017_20.27.51_log.txt
2017-04-17 20:27 - 2017-04-17 20:27 - 04747704 _____ (AO Kaspersky Lab) C:\Users\robin\Downloads\tdsskiller.exe
2017-04-17 20:27 - 2017-04-17 20:27 - 04747704 _____ (AO Kaspersky Lab) C:\Users\robin\Desktop\tdsskiller.exe
2017-04-17 20:25 - 2017-04-17 20:26 - 00284578 _____ C:\TDSSKiller.3.1.0.12_17.04.2017_20.25.29_log.txt
2017-04-17 20:14 - 2017-04-19 20:31 - 00000000 ____D C:\FRST
2017-04-17 20:14 - 2017-04-18 20:03 - 00104715 _____ C:\Users\robin\Downloads\FRST.txt
2017-04-17 20:14 - 2017-04-18 20:03 - 00041092 _____ C:\Users\robin\Downloads\Addition.txt
2017-04-17 20:13 - 2017-04-17 20:14 - 02424832 _____ (Farbar) C:\Users\robin\Desktop\FRST64.exe
2017-04-15 20:54 - 2017-04-15 20:54 - 00001081 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-04-15 20:54 - 2017-04-15 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-04-15 20:54 - 2017-04-15 20:54 - 00000000 ____D C:\Program Files\VS Revo Group
2017-04-15 20:32 - 2017-04-15 20:32 - 00001312 _____ C:\Users\Public\Desktop\Kaspersky Software Updater.lnk
2017-04-15 20:32 - 2017-04-15 20:32 - 00001130 _____ C:\Users\Public\Desktop\Kaspersky Security Scan.lnk
2017-04-15 20:32 - 2017-04-15 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater
2017-04-15 20:32 - 2017-04-15 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2017-04-15 20:32 - 2017-04-15 20:32 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-04-15 20:32 - 2017-04-15 20:32 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2017-04-15 20:31 - 2017-04-15 20:31 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-04-15 20:29 - 2017-04-15 20:29 - 00830540 _____ C:\Windows\Minidump\041517-7640-01.dmp
2017-04-15 20:24 - 2017-04-15 20:24 - 00000546 _____ C:\Users\robin\Desktop\JRT.txt
2017-04-15 19:56 - 2017-04-15 19:56 - 00000000 ____D C:\Users\robin\AppData\LocalLow\Sun
2017-04-15 19:54 - 2017-04-01 20:52 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-15 19:54 - 2017-04-01 20:52 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-11 21:40 - 2017-04-18 19:37 - 00000000 ____D C:\AdwCleaner
2017-04-11 21:09 - 2017-04-11 21:09 - 00001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2017-04-11 21:09 - 2017-04-11 21:09 - 00000000 ____D C:\Program Files\Waves
2017-04-11 21:08 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-04-11 21:08 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-04-11 21:08 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2017-04-11 21:08 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-04-11 21:08 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-04-11 21:08 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-04-11 21:08 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2017-04-11 21:08 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2017-04-11 21:08 - 2017-03-28 08:22 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-04-11 21:08 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2017-04-11 21:08 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-04-11 21:08 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-04-11 21:08 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-04-11 21:08 - 2017-03-28 08:15 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-04-11 21:08 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2017-04-11 21:08 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-04-11 21:08 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-04-11 21:08 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-04-11 21:08 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-04-11 21:08 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2017-04-11 21:08 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-04-11 21:08 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-04-11 21:08 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2017-04-11 21:08 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2017-04-11 21:08 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-11 21:08 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-11 21:08 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2017-04-11 21:08 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-04-11 21:08 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2017-04-11 21:08 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-04-11 21:08 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-04-11 21:08 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2017-04-11 21:08 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-04-11 21:08 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-11 21:08 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-04-11 21:08 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-04-11 21:08 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-04-11 21:08 - 2017-03-28 07:58 - 00387872 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-04-11 21:08 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-04-11 21:08 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-04-11 21:08 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
2017-04-11 21:08 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-04-11 21:08 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-04-11 21:08 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2017-04-11 21:08 - 2017-03-28 07:41 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2017-04-11 21:08 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-04-11 21:08 - 2017-03-28 07:41 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2017-04-11 21:08 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-04-11 21:08 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-04-11 21:08 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XblAuthManagerProxy.dll
2017-04-11 21:08 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-04-11 21:08 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll
2017-04-11 21:08 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2017-04-11 21:08 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2017-04-11 21:08 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-04-11 21:08 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-04-11 21:08 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apds.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.HostName.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.SystemManagement.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-04-11 21:08 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-04-11 21:08 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsecsnp.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\RdpRelayTransport.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinRtTracing.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-11 21:08 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicDisplay.sys
2017-04-11 21:08 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2017-04-11 21:08 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-04-11 21:08 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-04-11 21:08 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2017-04-11 21:08 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-04-11 21:08 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-11 21:08 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2017-04-11 21:08 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2017-04-11 21:08 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2017-04-11 21:08 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2017-04-11 21:08 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-11 21:08 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00265728 _____ C:\Windows\SysWOW64\Windows.Perception.Stub.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\WinRtTracing.dll
2017-04-11 21:08 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-04-11 21:08 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2017-04-11 21:08 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00418304 _____ C:\Windows\system32\Windows.Perception.Stub.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2017-04-11 21:08 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-04-11 21:08 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2017-04-11 21:08 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Ocr.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-04-11 21:08 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-04-11 21:08 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2017-04-11 21:08 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\AccountsRt.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2017-04-11 21:08 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.InkControls.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2017-04-11 21:08 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-04-11 21:08 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-04-11 21:08 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-04-11 21:08 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2017-04-11 21:08 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2017-04-11 21:08 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2017-04-11 21:08 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-04-11 21:08 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2017-04-11 21:08 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-04-11 21:08 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-04-11 21:08 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2017-04-11 21:08 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-11 21:08 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2017-04-11 21:08 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2017-04-11 21:08 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2017-04-11 21:08 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll
2017-04-11 21:08 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-11 21:08 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2017-04-11 21:08 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll
2017-04-11 21:08 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-04-11 21:08 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2017-04-11 21:08 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll
2017-04-11 21:08 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2017-04-11 21:08 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll
2017-04-11 21:08 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-04-11 21:08 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-04-11 21:08 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-04-11 21:08 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2017-04-11 21:08 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2017-04-11 21:08 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-04-11 21:08 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-04-11 21:08 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2017-04-11 21:08 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll
2017-04-11 21:08 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-04-11 21:08 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2017-04-11 21:08 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-04-11 21:08 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-04-11 21:08 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll
2017-04-11 21:08 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2017-04-11 21:08 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2017-04-11 21:08 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2017-04-11 21:08 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2017-04-11 21:08 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Ocr.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-04-11 21:08 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2017-04-11 21:08 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2017-04-11 21:08 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-04-11 21:08 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2017-04-11 21:08 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-11 21:08 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-04-11 21:08 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Perception.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2017-04-11 21:08 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-04-11 21:08 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-11 21:08 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-04-11 21:08 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-04-11 21:08 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll
2017-04-11 21:08 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-04-11 21:08 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-04-11 21:08 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-11 21:08 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2017-04-11 21:08 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RADCUI.dll
2017-04-11 21:08 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-04-11 21:08 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-11 21:08 - 2017-03-28 07:04 - 00119808 ____R (Microsoft Corporation) C:\Windows\system32\SecureAssessmentHandlers.dll
2017-04-11 21:08 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-04-11 21:08 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll
2017-04-11 21:08 - 2017-01-10 10:41 - 03203584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2017-04-11 21:08 - 2017-01-10 10:41 - 03014144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2017-04-11 21:08 - 2017-01-10 10:41 - 00343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 23547544 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRenderAVX64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 17398616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioCapture64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 09072629 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2017-04-11 21:08 - 2017-01-10 10:40 - 03503040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 02201600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 01353824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 00689880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 00240128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll
2017-04-11 21:08 - 2017-01-10 10:40 - 00200704 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll
2017-04-11 21:07 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-04-11 21:07 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-04-11 21:07 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-04-11 21:07 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-04-11 21:07 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-04-11 21:07 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-11 21:07 - 2017-03-28 08:26 - 00754528 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-04-11 21:07 - 2017-03-28 08:26 - 00573280 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-04-11 21:07 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-04-11 21:07 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll
2017-04-11 21:07 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-04-11 21:07 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-04-11 21:07 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-04-11 21:07 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-04-11 21:07 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2017-04-11 21:07 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-04-11 21:07 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-04-11 21:07 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-04-11 21:07 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-04-11 21:07 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll
2017-04-11 21:07 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-04-11 21:07 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-04-11 21:07 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2017-04-11 21:07 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-04-11 21:07 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-04-11 21:07 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-04-11 21:07 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManagerProxy.dll
2017-04-11 21:07 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\DdcWnsListener.dll
2017-04-11 21:07 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-04-11 21:07 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-11 21:07 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-04-11 21:07 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2017-04-11 21:07 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\Family.Client.dll
2017-04-11 21:07 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.SystemManagement.dll
2017-04-11 21:07 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Printers.dll
2017-04-11 21:07 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Family.SyncEngine.dll
2017-04-11 21:07 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2017-04-11 21:07 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-11 21:07 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthTokenBrokerExt.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDirectoryClient.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2017-04-11 21:07 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.UserDeviceAssociation.dll
2017-04-11 21:07 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll
2017-04-11 21:07 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-04-11 21:07 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-04-11 21:07 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SerialCommunication.dll
2017-04-11 21:07 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\dafpos.dll
2017-04-11 21:07 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2017-04-11 21:07 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-04-11 21:07 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-04-11 21:07 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-04-11 21:07 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-04-11 21:07 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2017-04-11 21:07 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-04-11 21:07 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2017-04-11 21:07 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2017-04-11 21:07 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-04-11 21:07 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2017-04-11 21:07 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2017-04-11 21:07 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-04-11 21:07 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2017-04-11 21:07 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2017-04-11 21:07 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-04-11 21:07 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-04-11 21:07 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2017-04-11 21:07 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-04-11 21:07 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-04-11 21:07 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\CastLaunch.dll
2017-04-11 21:07 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-11 21:07 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-04-11 21:07 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2017-04-11 21:07 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\flvprophandler.dll
2017-04-11 21:07 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2017-04-11 21:07 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-04-11 21:07 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2017-04-11 21:07 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2017-04-11 21:07 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2017-04-11 21:07 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-11 21:07 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-04-11 21:07 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2017-04-11 21:07 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2017-04-11 21:07 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2017-04-11 21:07 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-04-11 21:07 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2017-04-11 21:07 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-11 21:07 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-11 21:07 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-11 21:07 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-04-11 21:07 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2017-04-11 21:07 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2017-04-11 21:07 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2017-04-11 21:07 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-04-11 21:07 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2017-04-11 21:07 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-04-11 21:07 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-04-11 21:07 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2017-04-11 21:07 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-04-11 21:07 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-11 21:07 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2017-04-11 21:07 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-04-11 21:07 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-04-11 21:07 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2017-04-11 21:07 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2017-04-11 21:07 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2017-04-11 21:07 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-04-11 21:07 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2017-04-11 21:07 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2017-04-11 21:07 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-04-11 21:07 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2017-04-11 21:07 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll
2017-04-11 21:07 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-04-11 21:07 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-11 21:07 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-04-11 21:07 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-04-11 21:07 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll
2017-04-11 20:54 - 2017-04-11 20:54 - 00000000 ____D C:\Windows\{D82A5F87-1615-44EA-A80A-8629F6F49D54}
2017-04-11 20:44 - 2017-04-15 20:04 - 00001098 _____ C:\Users\Public\Desktop\Dell PremierColor.lnk
2017-04-11 20:44 - 2017-04-11 20:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-04-11 20:39 - 2017-04-11 20:39 - 00000000 _____ C:\Windows\invcol.tmp
2017-04-08 11:35 - 2017-04-11 21:11 - 00020848 _____ C:\Users\robin\Desktop\Übersicht Steuern_neu.xlsx
2017-04-07 22:56 - 2017-04-07 22:56 - 00002212 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2017-04-07 22:56 - 2017-04-01 05:27 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-04-07 22:55 - 2017-04-01 03:36 - 00136248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-04-07 22:53 - 2017-04-01 05:27 - 40201152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 35354048 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 35280320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 28592184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 11111392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 11056272 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 10635192 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 09316648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 09014792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 08876272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 03790904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 03246016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 01988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438165.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 01591352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438165.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 01278528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 01276128 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 01055800 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00995920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00993872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00990144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00960448 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00911296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00776048 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00612088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00577544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-04-07 22:53 - 2017-04-01 05:27 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-04-07 22:53 - 2017-04-01 05:27 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-04-07 14:21 - 2017-03-02 19:49 - 02798048 _____ (NETGEAR, Inc) C:\Program Files\RAIDar.exe
2017-04-05 21:52 - 2017-04-05 21:52 - 01988508 _____ C:\Windows\Minidump\040517-10515-01.dmp
2017-04-04 19:07 - 2017-04-04 19:07 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-04-04 17:36 - 2017-04-04 17:37 - 00000000 ____D C:\ProgramData\elsterformular
2017-04-04 17:36 - 2017-04-04 17:36 - 00001308 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2017-04-04 17:36 - 2017-04-04 17:36 - 00000000 ____D C:\Users\robin\AppData\Roaming\elsterformular
2017-04-04 17:36 - 2017-04-04 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-04-04 17:36 - 2017-04-04 17:36 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service
2017-04-04 17:36 - 2017-04-04 17:36 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2017-03-28 19:34 - 2017-03-28 19:34 - 00000000 ____D C:\Users\robin\AppData\Roaming\Foxit AgentInformation
2017-03-28 19:34 - 2017-03-28 19:34 - 00000000 ____D C:\Users\Public\Foxit Software
2017-03-28 19:34 - 2017-03-28 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-03-28 19:34 - 2017-03-28 19:34 - 00000000 ____D C:\ProgramData\Foxit Software
2017-03-28 19:34 - 2017-03-28 19:34 - 00000000 ____D C:\ProgramData\Foxit ContentPlatform
2017-03-28 19:33 - 2017-04-04 20:10 - 00000000 ____D C:\Users\robin\AppData\Roaming\Foxit Software
2017-03-28 19:33 - 2017-03-28 19:33 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2017-03-25 18:04 - 2017-03-25 18:04 - 00859348 _____ C:\Windows\Minidump\032517-10093-01.dmp
2017-03-24 20:14 - 2017-03-24 20:14 - 00156196 _____ C:\Windows\system32\tbt_log.txt
2017-03-22 19:26 - 2017-03-22 19:26 - 00003561 _____ C:\Users\robin\AppData\LocalLow\lpm.dat
2017-03-22 19:26 - 2017-03-22 19:26 - 00000000 ____D C:\Users\robin\AppData\Local\DivX
2017-03-21 20:06 - 2017-03-17 03:01 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437892.dll
2017-03-21 20:06 - 2017-03-17 03:01 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437892.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-19 20:25 - 2017-02-24 11:42 - 02777778 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-19 20:25 - 2016-08-01 22:36 - 01115494 _____ C:\Windows\system32\perfh007.dat
2017-04-19 20:25 - 2016-08-01 22:36 - 00274326 _____ C:\Windows\system32\perfc007.dat
2017-04-19 20:21 - 2017-03-01 19:36 - 00000000 ___RD C:\Users\robin\OneDrive
2017-04-19 20:21 - 2017-03-01 19:34 - 00000000 __SHD C:\Users\robin\IntelGraphicsProfiles
2017-04-19 20:21 - 2017-02-24 11:47 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-19 20:20 - 2017-02-24 11:31 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-19 20:20 - 2016-07-16 08:04 - 00524288 _____ C:\Windows\system32\config\BBI
2017-04-19 19:31 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness
2017-04-19 19:15 - 2017-02-24 11:31 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-04-19 17:13 - 2017-03-01 19:34 - 00000000 ____D C:\Windows\System32\Tasks\Dell
2017-04-18 22:09 - 2017-03-01 17:47 - 00000000 ____D C:\Users\robin
2017-04-18 21:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2017-04-18 20:30 - 2017-03-01 22:21 - 00000000 ____D C:\Users\robin\AppData\Roaming\npm-cache
2017-04-18 20:18 - 2017-03-01 21:13 - 00000000 ____D C:\Users\robin\AppData\Local\Eclipse
2017-04-18 20:18 - 2017-03-01 21:13 - 00000000 ____D C:\Users\robin\.p2
2017-04-18 15:37 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-17 20:34 - 2017-03-13 21:57 - 00000000 ____D C:\Users\robin\AppData\Roaming\Notepad++
2017-04-17 19:28 - 2017-03-18 17:29 - 00004600 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-04-17 19:28 - 2017-03-18 17:29 - 00004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-04-17 19:28 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-04-17 19:28 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\Macromed
2017-04-15 20:29 - 2017-03-10 19:35 - 1239498308 _____ C:\Windows\MEMORY.DMP
2017-04-15 20:29 - 2017-03-10 19:35 - 00000000 ____D C:\Windows\Minidump
2017-04-15 20:04 - 2017-03-01 22:51 - 00000000 ____D C:\Users\robin\AppData\Local\CrashDumps
2017-04-15 19:58 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-04-15 19:54 - 2017-02-24 12:04 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-15 19:52 - 2017-02-24 11:31 - 00335528 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\system32\F12
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\setup
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\setup
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Provisioning
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-15 19:51 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-15 19:51 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\system32\Dism
2017-04-15 19:50 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-15 19:39 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-04-15 19:35 - 2017-03-05 18:50 - 00000000 ____D C:\Windows\system32\MRT
2017-04-15 19:33 - 2017-03-05 18:50 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-04-15 19:33 - 2017-03-02 19:43 - 00003290 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-15 19:33 - 2017-03-01 19:36 - 00002369 _____ C:\Users\robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-11 21:54 - 2016-07-16 16:10 - 00000000 ____D C:\Windows\DigitalLocker
2017-04-11 21:09 - 2017-02-24 11:43 - 00003218 _____ C:\Windows\System32\Tasks\RtHDVBg_PushButton
2017-04-11 21:09 - 2017-02-24 11:43 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2017-04-11 21:09 - 2017-02-24 11:43 - 00000000 ____D C:\Windows\system32\RTCOM
2017-04-11 21:09 - 2017-02-24 11:42 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-04-11 21:08 - 2017-02-24 11:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-04-11 21:08 - 2017-02-24 11:43 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-04-11 21:08 - 2017-02-24 11:42 - 00001536 _____ C:\Windows\SysWOW64\RtkMsgs.dll
2017-04-11 20:44 - 2017-02-24 11:42 - 00000000 ____D C:\Program Files\Intel
2017-04-11 20:40 - 2017-03-02 19:57 - 00532136 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-04-07 22:56 - 2017-02-24 11:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-07 22:56 - 2017-02-24 11:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-04-07 22:56 - 2017-02-24 11:46 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-07 22:55 - 2017-02-24 11:44 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-04-07 15:23 - 2017-03-15 22:17 - 00020502 _____ C:\Users\robin\Desktop\Übersicht Steuern.xlsx
2017-04-07 13:51 - 2017-03-10 20:50 - 00003628 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-07 13:51 - 2017-03-10 20:50 - 00003504 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-06 20:36 - 2017-03-10 20:51 - 00002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-06 20:36 - 2017-03-10 20:51 - 00002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-05 20:58 - 2017-03-02 21:34 - 00000000 ____D C:\Users\robin\.VirtualBox
2017-04-05 19:36 - 2017-03-03 21:01 - 00000000 ____D C:\Program Files\Microsoft Office
2017-04-04 19:08 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-04 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-01 05:27 - 2017-02-24 11:46 - 04085712 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-04-01 05:27 - 2017-02-24 11:46 - 03602296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-04-01 05:27 - 2017-02-24 11:46 - 00045061 _____ C:\Windows\system32\nvinfo.pb
2017-04-01 04:10 - 2017-02-24 11:47 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 02481208 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 00549944 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-04-01 04:10 - 2017-02-24 11:47 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-04-01 04:09 - 2017-03-02 22:14 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-04-01 02:41 - 2017-03-02 22:13 - 00076840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-03-31 12:15 - 2017-02-24 11:47 - 07851747 _____ C:\Windows\system32\nvcoproc.bin
2017-03-29 20:39 - 2017-03-01 19:34 - 00000000 ____D C:\Users\robin\AppData\Local\Packages
2017-03-28 08:20 - 2017-02-24 11:42 - 02717184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-03-26 20:21 - 2017-03-01 22:11 - 00000000 ____D C:\Users\robin\.webclipse
2017-03-24 20:14 - 2017-02-24 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt(TM) Software
2017-03-24 20:14 - 2017-02-24 11:43 - 00000000 ____D C:\Intel
2017-03-22 19:26 - 2017-03-18 17:12 - 00000000 ____D C:\Users\robin\AppData\Roaming\DivX
2017-03-21 21:10 - 2017-03-16 19:17 - 00000000 ___RD C:\Users\robin\OneDrive\Documents\Scanned Documents

==================== Files in the root of some directories =======

2017-04-07 14:21 - 2017-03-02 19:49 - 2798048 _____ (NETGEAR, Inc) C:\Program Files\RAIDar.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-18 15:00

==================== End of FRST.txt ============================

--- --- ---

--- --- ---

Robin78 · 19.04.2017, 19:37

Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2017 01
Ran by robin (19-04-2017 20:32:08)
Running from C:\Users\robin\Desktop
Windows 10 Pro Version 1607 (X64) (2017-03-01 15:45:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1450654099-1454004737-3937552921-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1450654099-1454004737-3937552921-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1450654099-1454004737-3937552921-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1450654099-1454004737-3937552921-501 - Limited - Disabled)
robin (S-1-5-21-1450654099-1454004737-3937552921-1001 - Administrator - Enabled) => C:\Users\robin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
adbLink version 2.05 (HKLM-x32\...\{05CF1DD3-4A94-4219-B176-BB1796680A6C}_is1) (Version: 2.05 - jocala.com)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Ansel (Version: 381.65 - NVIDIA Corporation) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.41.3 - Asmedia Technology)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.1.1 - Dell Inc.)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.3.0 - Dell Inc.)
Dell Data Vault (Version: 4.4.0.0 - Dell Inc.) Hidden
Dell PremierColor (HKLM\...\{5CA2B02F-FC89-4F42-A3DA-7649B8EFF194}) (Version: 3.01.002 - Portrait Displays, Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell)
Dell SupportAssist Remediation (HKLM-x32\...\{cc46e7bd-06f4-45e0-8b67-3ccaca1e4755}) (Version: 2.0.2.1835 - Dell Inc.)
Dell SupportAssist Remediation (Version: 2.0.2.1835 - Dell Inc.) Hidden
Dell SupportAssistAgent (HKLM-x32\...\{CD2DF2B3-01E7-47FF-AF9C-725FC5FF6409}) (Version: 1.3.2.3 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{92F651D9-4431-469E-9B11-299D007AF656}) (Version: 2.0.2.1835 - Dell Inc.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 3.0.0.224 - DivX, LLC)
DSC/AA Factory Installer (Version: 1.3.6855.61 - PC-Doctor, Inc.) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.2.1.30.20170325 - Landesfinanzdirektion Thüringen)
Epic Games Launcher (HKLM-x32\...\{FC1F25AF-C8BB-404E-B15F-1B12CAB98E7F}) (Version: 1.1.96.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.2.1.6871 - Foxit Software Inc.)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
Git version 2.12.0 (HKLM\...\Git_is1) (Version: 2.12.0 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.35 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4574 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.10.1044 - Intel Corporation)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 8 Update 121 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180121}) (Version: 8.0.1210.13 - Oracle Corporation)
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 16.0.0.1344 - Kaspersky Lab) Hidden
Kaspersky Software Updater (HKLM-x32\...\InstallWIX_{DEEDA858-A9B4-4212-8873-2F2CE2706E68}) (Version: 2.0.0.623 - Kaspersky Lab)
Kaspersky Software Updater (x32 Version: 2.0.0.623 - Kaspersky Lab) Hidden
Killer Bandwidth Control Filter Driver (Version: 1.1.64.1312 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.64.1312 - Rivet Networks) Hidden
Killer Wireless Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.64.1312 - Rivet Networks)
Killer Wireless-AC Drivers (Version: 1.1.64.1312 - Rivet Networks) Hidden
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Maxx Audio Installer (x64) (Version: 2.7.9011.0 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Node.js (HKLM\...\{84F68739-3B44-4D36-ABDB-2151A23C9C3D}) (Version: 6.10.0 - Node.js Foundation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
NVIDIA 3D Vision Driver 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 381.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.1.14 (HKLM\...\{6AE61854-0F78-49E3-ABCC-586FB43CE709}) (Version: 5.1.14 - Oracle Corporation)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.279 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8037 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.50 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.12.1007.2016 - Realtek)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0079 - ST Microelectronics)
Synaptics Fingerprint Reader(WBF) (HKLM\...\{204CE0B6-C8CA-470F-A5B0-12A848545379}) (Version: 5.1.3214.26 - Synaptics Incorporated)
Thunderbolt(TM) Software (HKLM-x32\...\{10877131-EC3F-4F2F-97CD-2B8341D461D7}) (Version: 16.2.55.275 - Intel Corporation)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Windows10FirewallControl Free 8.1.0.16 (HKLM\...\Windows10FirewallControl_is1) (Version: 8.1.0.16 - Sphinx Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1450654099-1454004737-3937552921-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Audio Ltd)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {009DF91C-F583-40AF-A63E-0C2423877E0B} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe 
Task: {00C1F32B-A14F-4381-B905-306A509AA5CA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-03-26] (Microsoft Corporation)
Task: {17BE4ED4-59B7-4338-A3D1-E34724372948} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {27F05B65-1F3E-46C7-B285-DD5DCB0B0EAA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-17] (Adobe Systems Incorporated)
Task: {2B1890E7-FAD3-47A3-9D65-CB3AF3E743D8} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe 
Task: {3C93B0C2-9493-41F3-942D-CB533BCF00FD} - System32\Tasks\Dell\Command Update => C:\Program Files (x86)\Dell\CommandUpdate\DellCommandUpdate.exe [2017-01-12] (Dell Inc.)
Task: {47B09345-5BFD-4AD6-94DF-BDC941C93A92} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-10] (Google Inc.)
Task: {48E41CA8-B1FA-47AD-BBFF-70E579463BCA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-10] (Google Inc.)
Task: {4C24968A-B4C9-4F35-8DE5-41FCF40F5899} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {52AAEF83-F3CF-4344-9058-BACA797CF84E} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-27] (Intel(R) Corporation)
Task: {5806A7AE-BF11-4216-BED1-39F7083ED779} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => ConditionalAppStarter.exe 
Task: {5BC7D57E-D8FB-425D-844C-640096D6ED6A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {68A47FD0-5A12-4443-AA82-BB2BECA74835} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {7493BC3A-4455-4B5E-953C-4B24DD004AA0} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {8A5228F6-9872-4923-A99C-B7D616963F98} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-03-26] (Microsoft Corporation)
Task: {96F3BC87-EFB6-4597-AAC4-3DCA2705EC65} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {A300453A-AF19-4961-9164-3BB8B0F0FDCF} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-01-10] (Realtek Semiconductor)
Task: {A78CA869-0B2C-4890-BECB-D1CF8EBA0F50} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-10-25] (Dell Inc.)
Task: {C1660831-8AD8-4E58-930E-5B4EF6D07A47} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [2016-09-14] ()
Task: {C5ADED52-00FE-4389-BD04-61AC32265212} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-17] (Adobe Systems Incorporated)
Task: {CB7AE228-0E76-4C38-A125-ED59F8D34EC3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {D51B53A5-F84D-4E65-9D2C-27A53FD93300} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => ConditionalAppStarter.exe 
Task: {E7C42226-3250-4804-A8E9-772EADF75FCA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {F0747D1C-58F6-4D3A-8C56-C8BF48DADD5A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {F4BC44A0-F436-43FA-994D-5C4EFB6C2AAF} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2017-02-03] (DivX, LLC)
Task: {F9A641CD-D87B-4F98-B683-E5A6C23F2927} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe 
Task: {FECBFDE2-2FB7-400D-AB50-793232BABBC0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

WMI_ActiveScriptEventConsumer_DellCommandPowerManagerAlertEventConsumer: 

WMI_ActiveScriptEventConsumer_DellCommandPowerManagerPolicyChangeEventConsumer: 

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-04-11 21:08 - 2017-03-28 08:22 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2017-03-16 19:27 - 2015-03-12 04:43 - 00022528 _____ () C:\Windows\System32\us003lm.dll
2017-03-02 22:14 - 2017-02-23 20:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-03-02 22:14 - 2017-02-23 20:36 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-16 19:27 - 2017-03-16 19:27 - 00143664 ____N () C:\Windows\SysWOW64\SecUPDUtilSvc.exe
2017-04-18 19:49 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-18 19:49 - 2017-03-23 19:40 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-11 21:08 - 2017-03-28 08:22 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2017-02-24 11:25 - 2017-02-24 11:25 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 20:36 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 20:37 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 20:37 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 20:37 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-11 21:07 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-11 21:08 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-15 19:39 - 2017-04-15 19:40 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-15 19:39 - 2017-04-15 19:40 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-15 19:39 - 2017-04-15 19:40 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-15 19:39 - 2017-04-15 19:40 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll
2016-10-21 03:09 - 2016-10-21 03:09 - 00280400 _____ () C:\Program Files\Portrait Displays\Dell PremierColor\CTHelper.exe
2017-03-16 19:29 - 2013-10-04 06:53 - 00734720 _____ () C:\Windows\system32\SnMinDrv.dll
2017-03-16 19:29 - 2013-06-28 16:36 - 00091136 _____ () C:\Windows\system32\SSDEVM64.DLL
2017-04-06 20:36 - 2017-03-29 10:47 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-06 20:36 - 2017-03-29 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll
2015-12-15 13:38 - 2015-12-15 13:38 - 00326112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\dblite.dll
2015-10-27 16:44 - 2015-10-27 16:44 - 00404952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\ipm_service.dll
2017-03-02 22:14 - 2017-02-23 20:36 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-03-02 22:14 - 2017-02-23 20:36 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-03-02 22:14 - 2017-02-23 20:36 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-02 22:14 - 2017-02-23 20:35 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-11-26 23:42 - 2016-11-26 23:42 - 00332104 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\dblite.dll
2016-12-21 20:21 - 2016-12-21 20:21 - 45077376 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\libcef.dll
2016-06-02 18:06 - 2016-06-02 18:06 - 45077376 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libcef.dll
2016-11-26 23:37 - 2016-11-26 23:37 - 00418512 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\ipm_service.dll
2016-06-02 18:06 - 2016-06-02 18:06 - 01650560 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libglesv2.dll
2016-06-02 18:06 - 2016-06-02 18:06 - 00082304 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libegl.dll
2017-03-02 22:14 - 2017-02-23 16:30 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-03-02 22:14 - 2017-02-23 16:30 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-03-02 22:14 - 2017-02-23 16:30 - 02443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-03-02 22:14 - 2017-02-23 16:30 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-03-02 22:14 - 2017-02-23 16:30 - 00543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-03-02 22:14 - 2017-02-23 16:30 - 00468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-12-21 20:21 - 2016-12-21 20:21 - 01650560 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\libglesv2.dll
2016-12-21 20:21 - 2016-12-21 20:21 - 00082304 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\libegl.dll
2016-09-15 06:25 - 2016-09-15 06:25 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1450654099-1454004737-3937552921-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1450654099-1454004737-3937552921-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\XPS 15 Wallpaper Red Mum Flower WQHD.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{2F42B276-C379-4C67-A403-5C41C0EB2867}C:\program files\eclipse\eclipse_neon_2\eclipse.exe] => (Allow) C:\program files\eclipse\eclipse_neon_2\eclipse.exe
FirewallRules: [UDP Query User{674FA980-0D83-4B0C-8A2D-91254383B5BF}C:\program files\eclipse\eclipse_neon_2\eclipse.exe] => (Allow) C:\program files\eclipse\eclipse_neon_2\eclipse.exe
FirewallRules: [TCP Query User{337CD8FB-948A-464B-9DF2-1D9FB107B346}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe
FirewallRules: [UDP Query User{1A63221C-06AC-467E-A04F-C3D7A642F661}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe
FirewallRules: [TCP Query User{668B1D3E-EFAD-47E2-B5F8-871899C4E3B7}C:\users\robin\appdata\local\raidar\raidar.exe] => (Allow) C:\users\robin\appdata\local\raidar\raidar.exe
FirewallRules: [UDP Query User{2BB90E6B-A6F5-40CF-95D7-B185993D1576}C:\users\robin\appdata\local\raidar\raidar.exe] => (Allow) C:\users\robin\appdata\local\raidar\raidar.exe
FirewallRules: [{47802D7A-3EFE-4B66-A5C3-91BAFEDD276E}] => (Allow) C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe
FirewallRules: [{10322437-84B3-4013-9860-E54975D668BD}] => (Allow) C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe
FirewallRules: [{EAF54FC7-4FBC-4B3D-ADED-9665D2E6CE9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{9FC93204-8D30-48FF-91ED-C15D30BD30D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{1D1D88A1-4B0D-4CF0-A22F-A4FF3EBA4EDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{BB9C5582-0D58-4449-AF4C-9A1848D7742F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4276B9F8-DD16-4181-9799-C3EC6889AFB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{24E29BD7-0E93-4F98-A77A-14B6B7A5E748}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{BF415850-EF03-4F0E-A993-38ACCDA00F4C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{1F016856-6A94-441F-9783-36C5B6CDD52E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{27F7A04A-7C4B-41D8-97F0-87FA7617A644}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{CC5FE35E-0BCE-4C3D-B2F7-C9F214017759}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{1D7B8FA1-256A-4120-B307-7F55AE5EE035}C:\program files (x86)\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{83260F9F-5C18-4F49-B413-B4789DF0D66A}C:\program files (x86)\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{0D96CAEE-A1D4-427C-834D-A670D618BD42}C:\program files (x86)\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{BDBF7F29-ED7D-4620-B957-17111D6C6277}C:\program files (x86)\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{A17AEE49-7E40-42BC-A867-4AFD1E8FEBB5}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe
FirewallRules: [{B29B8897-7E64-4B5D-A32C-67AC1437B22E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{4CD07DC7-87E3-4E70-A796-0B90CCCCD74E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{4C8357B9-C4A9-4841-A20E-E5484959041B}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [{69D1D28C-97B9-4EF1-AE94-48C3D4D07CDC}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [{51B55648-FE3C-4EB8-99A7-6360A04CA2CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

11-04-2017 20:44:19 IIF_MSI
11-04-2017 21:56:39 JRT Pre-Junkware Removal
15-04-2017 19:33:26 Windows Update
15-04-2017 20:23:11 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2017 07:52:52 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (04/18/2017 10:11:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NVDisplay.Container.exe, version: 1.2.0.0, time stamp: 0x58df0aaf
Faulting module name: nvxdsyncplugin.dll_unloaded, version: 8.17.13.8165, time stamp: 0x58df02a5
Exception code: 0xc0000005
Fault offset: 0x0000000000046bf9
Faulting process id: 0x628
Faulting application start time: 0x01d2b87ff99fc52a
Faulting application path: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Faulting module path: nvxdsyncplugin.dll
Report Id: 61645a53-045b-4648-8ef6-d2e340cd35bc
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/18/2017 10:11:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NVDisplay.Container.exe, version: 1.2.0.0, time stamp: 0x58df0aaf
Faulting module name: nvxdsyncplugin.dll_unloaded, version: 8.17.13.8165, time stamp: 0x58df02a5
Exception code: 0xc0000005
Fault offset: 0x0000000000047861
Faulting process id: 0x1efc
Faulting application start time: 0x01d2b87ff930e170
Faulting application path: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Faulting module path: nvxdsyncplugin.dll
Report Id: 11154267-65bb-4dd8-8c12-8bac306ddd1f
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/18/2017 10:11:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NVDisplay.Container.exe, version: 1.2.0.0, time stamp: 0x58df0aaf
Faulting module name: nvxdsyncplugin.dll_unloaded, version: 8.17.13.8165, time stamp: 0x58df02a5
Exception code: 0xc0000005
Fault offset: 0x0000000000047861
Faulting process id: 0x1c58
Faulting application start time: 0x01d2b87ff8e074b7
Faulting application path: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Faulting module path: nvxdsyncplugin.dll
Report Id: ffbde6d2-bb3f-438b-8165-6baf696c2528
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/18/2017 10:11:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NVDisplay.Container.exe, version: 1.2.0.0, time stamp: 0x58df0aaf
Faulting module name: nvxdsyncplugin.dll_unloaded, version: 8.17.13.8165, time stamp: 0x58df02a5
Exception code: 0xc0000005
Fault offset: 0x0000000000047861
Faulting process id: 0x24dc
Faulting application start time: 0x01d2b87ff88803cb
Faulting application path: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Faulting module path: nvxdsyncplugin.dll
Report Id: a72328f5-98b9-48c9-8679-487d6ef92c18
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/18/2017 10:11:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NVDisplay.Container.exe, version: 1.2.0.0, time stamp: 0x58df0aaf
Faulting module name: nvxdsyncplugin.dll_unloaded, version: 8.17.13.8165, time stamp: 0x58df02a5
Exception code: 0xc0000005
Fault offset: 0x0000000000047861
Faulting process id: 0xe90
Faulting application start time: 0x01d2b87ff81251d8
Faulting application path: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Faulting module path: nvxdsyncplugin.dll
Report Id: a314bf14-9c82-493d-ab77-fa2963130abe
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/18/2017 09:47:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NVDisplay.Container.exe, version: 1.2.0.0, time stamp: 0x58df0aaf
Faulting module name: combase.dll, version: 10.0.14393.953, time stamp: 0x58ba5954
Exception code: 0xc0000005
Fault offset: 0x00000000000b0719
Faulting process id: 0x578
Faulting application start time: 0x01d2b86bd305165a
Faulting application path: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Faulting module path: C:\Windows\System32\combase.dll
Report Id: fc2c4a51-0352-4b87-89f5-f5bd31e4b1ce
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/18/2017 08:19:23 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:DELLSUPPORT, Partition:PartitionPos {disk:0, part:6}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

Error: (04/18/2017 08:19:23 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:Image, Partition:PartitionPos {disk:0, part:5}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

Error: (04/18/2017 07:51:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.


System errors:
=============
Error: (04/19/2017 08:29:45 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1H69R6C)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{9E175B6D-F52A-11D8-B9A5-505054503030}
 and APPID 
{9E175B9C-F52A-11D8-B9A5-505054503030}
 to the user DESKTOP-1H69R6C\robin SID (S-1-5-21-1450654099-1454004737-3937552921-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194). This security permission can be modified using the Component Services administrative tool.

Error: (04/19/2017 08:21:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/19/2017 08:21:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/19/2017 08:21:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/19/2017 08:20:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1H69R6C)
Description: The server {0002DF02-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.

Error: (04/19/2017 08:20:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/19/2017 08:17:41 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
An instance of the service is already running.

Error: (04/19/2017 08:17:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Waves Audio Services service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/19/2017 08:17:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Killer Service V2 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (04/19/2017 08:17:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Content Protection HECI Service service terminated unexpectedly.  It has done this 1 time(s).


CodeIntegrity:
===================================
  Date: 2017-04-18 19:49:33.682
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 19:49:33.682
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 19:49:33.680
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 19:49:33.674
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 19:49:33.668
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 19:49:33.663
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 19:49:33.657
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-18 15:00:23.369
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_323791d5eb27505c\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-05 20:36:29.798
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ea62e0c945f71b38\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-18 22:00:41.442
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_94ef852442bb9b92\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 26%
Total physical RAM: 16202 MB
Available physical RAM: 11951.96 MB
Total Virtual: 18634 MB
Available Virtual: 14315.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:462.86 GB) (Free:307.04 GB) NTFS
Drive d: (Doom) (CDROM) (Total:62.3 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 2599A35B)

Partition: GPT.

==================== End of Addition.txt ============================

Eine kleine Frage.
Wie erzeuge ich die Logdatei von SystemLook?

Schonmal sehr vielen Dank für die tolle Hilfe. Es ist echt klasse, dass es Leute wie Euch gibt.
Gruß,

Robin

M-K-D-B · 19.04.2017, 20:10

Servus,

wir kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei von HitmanPro,
die Logdatei von ESET,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

Robin78 · 20.04.2017, 19:55

Hitman Pro

Code:

ATTFilter


	Code: 

 ATTFilter

  
	HitmanPro 3.7.18.284
www.hitmanpro.com

   Computer name . . . . : DESKTOP-1H69R6C
   Windows . . . . . . . : 10.0.0.14393.X64/8
   User name . . . . . . : DESKTOP-1H69R6C\robin
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-04-20 20:51:23
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 2m 19s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 3

   Objects scanned . . . : 2.247.111
   Files scanned . . . . : 114.609
   Remnants scanned  . . : 641.327 files / 1.491.175 keys

Suspicious files ____________________________________________________________

   C:\Users\robin\Desktop\FRST64.exe
      Size . . . . . . . : 2.424.832 bytes
      Age  . . . . . . . : 3.0 days (2017-04-17 20:13:29)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 17C88B8B1A982791D8D42785156D30B21204C0C379C8BAAF876E7D81ABCC1E24
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.


Repairs _____________________________________________________________________

   DellCommandPowerManagerAlertEventConsumer
   WMI:root\subscription\ActiveScriptEventConsumer\

   DellCommandPowerManagerPolicyChangeEventConsumer
   WMI:root\subscription\ActiveScriptEventConsumer\

M-K-D-B · 20.04.2017, 21:52

Servus,

gut gemacht.

Fehlen noch die anderen Schritte.

20.04.2017, 21:52	#15
M-K-D-B /// TB-Ausbilder	Chrome und I-Explorer öffnen dauernd neue Tabs mit Werbung Servus, gut gemacht. Fehlen noch die anderen Schritte.

Chrome und I-Explorer öffnen dauernd neue Tabs mit Werbung

Log-Analyse und Auswertung: Chrome und I-Explorer öffnen dauernd neue Tabs mit Werbung